[Koha] LDAP authentication

Paul POULAIN paul.poulain at free.fr
Tue Dec 13 04:46:45 NZDT 2005


KL Nasveschuk wrote:
> Hello,
> 
> I'm still trying to get LDAP authentication to work on Koha. I've
> modified Auth.pm with the following:
> 
>  ##################################################
>         ### LOCAL
>         ### Change the code below to match your own LDAP server.
>         ##################################################
>         # LDAP connexion parameters
>         my $ldapserver = '172.16.0.24';
>         # Infos to do an anonymous bind
>         my $ldapinfos = 'ou=users,dc=tow,dc=net ';
>         my $name  = "ou=users,dc=tow,dc=net";
>         my $db = Net::LDAP->new( $ldapserver );
> 
>         # do an anonymous bind
>         my $res =$db->bind();
>         # check connexion
>         if($res->code) {
>                 # auth refused
>                 warn "LDAP Auth impossible : server not responding";
>                 return 0;
>         # search user
>         } else {

This log
 > [Mon Dec 12 12:04:36 2005] [error] [client 172.16.60.186] LDAP Auth
 > impossible : user unknown in LDAP
 > at /usr/local/koha/intranet/modules/C4/Auth.pm line 464.

means you have an error in the following code:

>                 my $userdnsearch = $db->search(base => "$name",
>                                 filter =>"(uid=$userid)",
>                                 );
>                 if($userdnsearch->code || ! ( $userdnsearch-> count eq 1 ) ) {
>                         warn "LDAP Auth impossible : user unknown in LDAP";
>                         return 0;
>                 };

That means:
* the connection was successful (otherwise, you would have "LDAP Auth
impossible : server not responding"). Good news ;-)
* the LDAP search failed. Meaning: uid=$userid is probably not what you
had to do. The query you have to do depends on your LDAP structure, I
can't help you more.

Just another hint. Change to:
  warn "LDAP Auth impossible : user unknown in LDAP for $userid";
to see which value is in $userid!

That could help you.

HTH

Anyway, I can assure you I have 1 (and soon 2) libraries using LDAP
auth. Quite tricky to tune, but works fine when it's done!

Just one reminder: the member record is created in Koha when the user
logs in to the OPAC. So you MUST request all your users to log in at least
once. That's a good solution to show you now "have the great free ILS
called Koha" & show what it can do.

-- 
Paul POULAIN
Independent free software consultant
French-speaking lead for Koha (free ILS http://www.koha-fr.org)
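
An added example, not part of the original message or of Koha's Auth.pm: the quoted check reports a search error, zero matches and several matches with the same "user unknown in LDAP" warning, so this sketch separates the three and logs the base and filter actually used. The helper names (user_filter, search_problem, find_user_dn) are hypothetical, the result values in the loop are constructed, and the login is escaped with Net::LDAP::Util before it goes into the filter.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Build the search filter. $attr is whichever attribute holds the login in
# your directory; uid is only the value used in the quoted Auth.pm.
sub user_filter {
    my ($attr, $userid) = @_;
    return sprintf '(%s=%s)', $attr, escape_filter_value($userid);
}

# Split "user unknown in LDAP" into its three causes.
# Returns undef when exactly one entry matched.
sub search_problem {
    my ($code, $error, $count, $base, $filter) = @_;
    return "search error $code ($error) on base '$base'" if $code;
    return "no entry matches $filter under '$base'"      if $count == 0;
    return "$count entries match $filter, expected 1"    if $count > 1;
    return;
}

# Hypothetical helper: run the search on an already bound Net::LDAP handle
# and return the user's DN, or nothing after logging the precise reason.
sub find_user_dn {
    my ($db, $base, $attr, $userid) = @_;
    my $filter = user_filter($attr, $userid);
    my $mesg   = $db->search(base => $base, filter => $filter);
    my $why    = search_problem($mesg->code, $mesg->error, $mesg->count,
                                $base, $filter);
    if ($why) { warn "LDAP Auth impossible : $why\n"; return; }
    return $mesg->entry(0)->dn;
}

# Constructed results (no server needed): code, error text, count, login.
my $base = 'ou=users,dc=tow,dc=net';
for my $case (
    [32, 'No such object', 0, 'jdoe'],  # search base does not exist
    [0,  'Success',        0, 'jdoe'],  # base fine, attribute or value wrong
    [0,  'Success',        0, 'j*'],    # "*" is escaped, so no wildcard match
    [0,  'Success',        2, 'jdoe'],  # same login in two subtrees
    [0,  'Success',        1, 'jdoe'],  # the only case that may proceed
) {
    my ($code, $error, $count, $userid) = @$case;
    my $filter = user_filter('uid', $userid);
    my $why = search_problem($code, $error, $count, $base, $filter);
    print defined $why ? "FAIL: $why\n" : "OK: one entry for $filter\n";
}
```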

