[Koha] Koha authentication against existing LDAP directory

Ben Finney ben+koha at benfinney.id.au
Tue Jun 9 13:57:51 NZST 2009 

Ben Finney <ben+koha at benfinney.id.au> writes:

> When I connect from this machine using the following command, I get
> the connection fine:

It occurred to me, discussing with Chris, that perhaps what I'm seeing
from Koha is that the *authentication* worked, but the user has no
permission. If true, that would be a step forward.

Please tell me where I'm going wrong here, or how I can verify whether
this is true:


The message “Unauthorized user” appears to be coming from
‘intranet/htdocs/intranet-tmpl/prog/en/modules/auth.tmpl’, which shows
the message if ‘nopermission’ is set.

That appears to be set in ‘lib/C4/Auth.pm’ in the ‘info’ hash.

Now, my understanding was that since my configuration has:

=====
<config>
 …
 <useldapserver>1</useldapserver>
    <ldapserver id="ldapserver"  listenref="ldapserver">
        …
        <replicate>1</replicate>       <!-- add new users from LDAP to Koha database -->
        <update>1</update>             <!-- update existing users in Koha database -->
        …
    </ldapserver>
 …
</config>
=====

The ‘replicate’ setting should cause Koha to create a new account when a
user first authenticates against LDAP, and the ‘update’ setting should
cause their account to be updated from LDAP each subsequent time they
log in.

But this doesn't happen: after getting the above “Unauthorized user”
message, the ‘borrowers’ and ‘user_permissions’ tables still have no
records:

=====
mysql> select count(borrowernumber) from borrowers;
+-----------------------+
| count(borrowernumber) |
+-----------------------+
|                     0 | 
+-----------------------+
1 row in set (0.00 sec)

mysql> select count(borrowernumber) from user_permissions;
+-----------------------+
| count(borrowernumber) |
+-----------------------+
|                     0 | 
+-----------------------+
1 row in set (0.00 sec)
=====


So where am I going wrong? Is this user not authenticating? Or (as I
suspect) is the authentication successful, but the account not getting
created in Koha's database?

Should I be expecting all this to work as expected above? How can I
troubleshoot further?

-- 
 \                “Every sentence I utter must be understood not as an |
  `\                      affirmation, but as a question.” —Niels Bohr |
_o__)                                                                  |
Ben Finney

More information about the Koha mailing list