[Koha] LDAP auth and Active Directory
Nijnatten, Jan van
jan.v.nijnatten at philips.com
Tue Sep 15 03:55:34 NZST 2009
Hi all,
Earlier this month Anselm Olweny wrote:
======
I have installed koha in my institution library and would like patrons
to login at the opac using their active directory accounts.
I have followed the instructions in the Auth_with_ldap.pm file and
made the necessary changes in the koha-conf.xml file.
I have koha version 3.0100041, however when I login using a valid
Active Directory account I get "You entered an incorrect username or
password." in the opac. There are also no errors in both apache and
koha error logs.
I am kindly requesting for any assistance in making this work. I would
appreciate help relating to what changes I may need to do in active
directory as well or Auth_with_ldap.pm. I have attached a copy of my
koha-conf.xml so that you may show me what I am getting wrong.
======
I have exactly the same problem: incorrect username, password.
I haven't modified auth_with_ldap.pm.
See my koha-conf.xml attached.
What are we doing wrong? Where can we debug?
koha-conf.xml:
<yazgfs>
<!-- [scheme:]host[:port][/databaseName] -->
<!-- scheme: tcp, ssl, unix, http, sru -->
<!-- can run all servers on tcp, but the unix socket is faster -->
<listen id="biblioserver" >unix:/var/run/koha/zebradb/bibliosocket</listen>
<listen id="authorityserver" >unix:/var/run/koha/zebradb/authoritysocket</listen>
<!-- public server runs on tcp -->
<!-- <listen id="publicserver" >tcp:@:9999</listen> -->
<!-- Settings for special biblio server instance for PazPar2.
Because PazPar2 only connects to a Z39.50 server using TCP/IP,
it cannot use the Unix-domain socket that biblioserver uses.
Therefore, a custom server is defined. -->
<!--
<listen id="mergeserver">tcp:@:11001</listen>
<server id="mergeserver" listenref="mergeserver">
<directory>/var/lib/koha/zebradb/biblios</directory>
<config>/etc/koha/zebradb/zebra-biblios.cfg</config>
<cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
</server>
-->
<!-- BIBLIOGRAPHIC RECORDS -->
<server id="biblioserver" listenref="biblioserver">
<directory>/var/lib/koha/zebradb/biblios</directory>
<config>/etc/koha/zebradb/zebra-biblios.cfg</config>
<cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
<!-- <docpath>xsl</docpath> -->
<!-- <stylesheet>xsl/default.xsl</stylesheet> -->
<!-- <maximumrecordsize>2000000</maximumrecordsize> -->
<retrievalinfo>
<retrieval syntax="usmarc" name="F"/>
<retrieval syntax="usmarc" name="B"/>
<retrieval syntax="xml" name="F"/>
<retrieval syntax="xml" name="B"/>
<retrieval syntax="xml" name="marcxml"
identifier="info:srw/schema/1/marcxml-v1.1">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="dc">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="mods">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rdfdc">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rss2">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="utils">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
</backend>
</retrieval>
</retrievalinfo>
<xi:include href="/etc/koha/zebradb/explain-biblios.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<explain xmlns="http://explain.z3950.org/dtd/2.0/">
<serverInfo>
<host>localhost</host>
<port>9998</port>
<database>biblios</database>
</serverInfo>
</explain>
</xi:fallback>
</xi:include>
</server>
<serverinfo id="biblioserver">
<ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
<user>kohauser</user>
<password>[our kohauser pw]</password>
</serverinfo>
<!-- AUTHORITY RECORDS -->
<server id="authorityserver" listenref="authorityserver" >
<directory>/var/lib/koha/zebradb/authorities</directory>
<config>/etc/koha/zebradb/zebra-authorities.cfg</config>
<cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
<!-- <docpath>xsl</docpath> -->
<!-- <stylesheet>xsl/default.xsl</stylesheet> -->
<!-- <maximumrecordsize>2000000</maximumrecordsize> -->
<xi:include href="/etc/koha/zebradb/retrieval-info-auth-grs1.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<retrievalinfo>
<retrieval syntax="usmarc" name="F"/>
<retrieval syntax="usmarc" name="B"/>
<retrieval syntax="xml" name="marcxml"
identifier="info:srw/schema/1/marcxml-v1.1">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="dc">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="mods">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="rdfdc">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
</backend>
</retrieval>
<retrieval syntax="xml" name="utils">
<backend syntax="usmarc" name="F">
<marc inputformat="marc" outputformat="marcxml"
inputcharset="utf-8"/>
<xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
</backend>
</retrieval>
</retrievalinfo>
</xi:fallback>
</xi:include>
<xi:include href="/etc/koha/zebradb/explain-authorities.xml"
xmlns:xi="http://www.w3.org/2001/XInclude">
<xi:fallback>
<explain xmlns="http://explain.z3950.org/dtd/2.0/">
<serverInfo>
<host>localhost</host>
<port>9999</port>
<database>authorities</database>
</serverInfo>
</explain>
</xi:fallback>
</xi:include>
</server>
<serverinfo id="authorityserver">
<ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
<user>kohauser</user>
<password>[our kohauser pw]</password>
</serverinfo>
<!-- ADDITIONAL KOHA CONFIGURATION DIRECTIVE -->
<!-- db_scheme should follow the DBD driver name -->
<!-- port info: mysql:3306 Pg:5432 (5433 on Debian) -->
<config>
<db_scheme>mysql</db_scheme>
<database>koha</database>
<hostname>localhost</hostname>
<port>3306</port>
<user>kohaadmin</user>
<pass>[our kohaadmin pw]</pass>
<biblioserver>biblios</biblioserver>
<biblioservershadow>1</biblioservershadow>
<authorityserver>authorities</authorityserver>
<authorityservershadow>1</authorityservershadow>
<intranetdir>/usr/share/koha/intranet/cgi-bin</intranetdir>
<opacdir>/usr/share/koha/opac/cgi-bin/opac</opacdir>
<opachtdocs>/usr/share/koha/opac/htdocs/opac-tmpl</opachtdocs>
<intrahtdocs>/usr/share/koha/intranet/htdocs/intranet-tmpl</intrahtdocs>
<includes>/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/includes/</includes>
<logdir>/var/log/koha</logdir>
<pazpar2url>http://kohadeb:11002/search.pz2</pazpar2url>
<install_log>/usr/share/koha/misc/koha-install-log</install_log>
<useldapserver>1</useldapserver>
<!-- LDAP SERVER (optional) -->
<ldapserver id="ldapserver" listenref="ldapserver">
<hostname>nlvhtcway1dc001.code1.emi.philips.com</hostname>
<base>dc=code1,dc=emi,dc=philips,dc=com</base>
<user>[our admin CN ]</user> <!-- DN, if not anonymous -->
<pass>[our password]</pass> <!-- password, if not anonymous -->
<replicate>1</replicate> <!-- add new users from LDAP to Koha database -->
<update>1</update> <!-- update existing users in Koha database -->
<auth_by_bind>0</auth_by_bind> <!-- set to 1 to authenticate by binding instead of
password comparison, e.g., to use Active Directory -->
<mapping> <!-- match koha SQL field names to your LDAP record field names -->
<firstname is="givenName" ></firstname>
<surname is="sn" ></surname>
<address is="company" ></address>
<city is="l" >Athens, OH</city>
<zipcode is="postalCode" ></zipcode>
<branchcode is="branch" >MAIN</branchcode>
<userid is="sAMAccountName" ></userid>
<password is="userPassword" ></password>
<email is="mail" ></email>
<categorycode is="employeeType" >PT</categorycode>
<phone is="telephoneNumber"></phone>
</mapping>
</ldapserver>
</config>
</yazgfs>
Jan van Nijnatten MSc | information architect | Philips Research - HTC 34 p076 | +31.40.27.47894
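The `auth_by_bind` comment in the posted configuration distinguishes password comparison from authentication by bind and names Active Directory as the case for the latter. As an added example (not part of the original post and not Koha's own code), this Python check reads an `<ldapserver>` block and reports settings that contradict the comments in that block; the helper name and sample values are constructed, and treating a `sAMAccountName` mapping as a sign of Active Directory is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample: same element layout as the posted <ldapserver> block,
# with placeholder host, base and credentials.
SAMPLE = """
<config>
  <useldapserver>1</useldapserver>
  <ldapserver id="ldapserver" listenref="ldapserver">
    <hostname>dc01.example.org</hostname>
    <base>dc=example,dc=org</base>
    <user>svc-koha</user>
    <pass>placeholder</pass>
    <auth_by_bind>0</auth_by_bind>
    <mapping>
      <userid is="sAMAccountName"></userid>
      <password is="userPassword"></password>
    </mapping>
  </ldapserver>
</config>
"""

def check_ldap_block(xml_text):
    """Return a list of findings for the <ldapserver> block (hypothetical helper)."""
    root = ET.fromstring(xml_text)
    findings = []
    if (root.findtext(".//useldapserver") or "0").strip() != "1":
        findings.append("useldapserver is not 1: LDAP login is disabled")
    ldap = root.find(".//ldapserver")
    if ldap is None:
        return findings + ["no <ldapserver> block found"]
    by_bind = (ldap.findtext("auth_by_bind") or "0").strip() == "1"
    attrs = {el.tag: el.get("is", "") for el in ldap.findall("mapping/*")}
    # Assumption: a userid mapped to sAMAccountName means the directory is AD.
    looks_like_ad = attrs.get("userid", "").lower() == "samaccountname"
    if not by_bind:
        if not attrs.get("password"):
            findings.append("password comparison selected, no password attribute mapped")
        if looks_like_ad:
            findings.append(
                "auth_by_bind=0 with sAMAccountName mapping: the config comment "
                "says to set 1 for Active Directory")
    bind_user = (ldap.findtext("user") or "").strip()
    if bind_user and "=" not in bind_user:
        findings.append("<user> is not a DN (comment: 'DN, if not anonymous')")
    return findings

if __name__ == "__main__":
    for finding in check_ldap_block(SAMPLE):
        print(finding)
```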