[Koha] Share Koha-LDAP conf

alen vodopijevec alen at irb.hr
Fri Jul 1 21:47:06 NZST 2011


  It's openldap and Koha ver. 3.4.2

--
alen

On 07/01/2011 08:27 AM, Oscar Gaona wrote:
> Anybody using Oracle Internet Directory, OID, for Koha-LDAP 
> authentication?
>
> Alen,in your case, what is the ldap software?
>
>
> Thanks an regards,
> Oscar
>
>
> ------------------------------------------------------------------------
> *From:* alen vodopijevec <alen at irb.hr>
> *To:* koha at lists.katipo.co.nz
> *Cc:* dpavlin at rot13.org; Oscar Gaona <ramses02 at yahoo.com>
> *Sent:* Wednesday, June 29, 2011 4:54 PM
> *Subject:* Re: [Koha] Share Koha-LDAP conf
>
> I'm not sure why but I also had to format principal_name in koha-conf.xml
> as follows:
> --
> <principal_name>uid=%s,dc=irb,dc=hr</principal_name>
> --
>
> Otherwise it doesn't work with openldap at my institution :/
>
> regards,
> --
> alen
>
>
> > 2011/6/22 Oscar Gaona <ramses02 at yahoo.com <mailto:ramses02 at yahoo.com>>:
> >> Hi all
> >> There are many questions and solutions around Koha-LDAP connection /
> >> authentication, so it seems there is not a only way to get it because
> >> each
> >> Library / Institution has its own requirements / developments.
> >> If you has a successful / useful experience on this topic, may you 
> share
> >> how
> >> you do it, please? Obviously, changing some real names / IP's
> >> Sometimes, examples are the better way to support people looking for
> >> solutions...
> >
> > For start, I would suggest to first try 3.2.10 or current git version
> > because
> > there are few LDAP fixes which just got merged into repository and
> > relesed.
> >
> > For a start, until bug 4994[1] gets merged, keep values inside
> > is="ldap-field" lower case only.
> >
> > We are using following configuration:
> >
> > <useldapserver>1</useldapserver><!-- see C4::Auth_with_ldap for extra
> > configs you must add if you want to turn this on -->
> >
> > <ldapserver id="ldapserver" listenref="ldapserver">
> > <!--
> > <hostname>ldaps://ldap.ffzg.hr</hostname>
> > -->
> > <hostname>ldap://localhost:1389</hostname>
> > <base>dc=ffzg,dc=hr</base>
> >
> > <replicate>1</replicate> <!-- add new users from LDAP to Koha database
> > -->
> > <update>0</update> <!-- update existing users in Koha database -->
> >
> > <auth_by_bind>1</auth_by_bind>
> > <principal_name>%s</principal_name> <!-- optional, for auth_by_bind:
> > a printf format to make userPrincipalName from koha userid -->
> >
> > <mapping> <!-- match koha SQL field names to your LDAP
> > record field names -->
> > <firstname  is="givenname" ></firstname>
> > <surname    is="sn" ></surname>
> > <address    is="ffzg-adresa_ulica" ></address>
> > <city        is="ffzg-adresa_grad" ></city>
> > <!--
> > <zipcode    is="ffzg-adresa_postanski_broj"></zipcode>
> > --->
> >
> > <branchcode  is="local-branch" >FFZG</branchcode>
> > <userid      is="hrEduPersonUniqueID" ></userid>
> > <password    is="userpassword" ></password>
> > <email      is="mail" ></email>
> > <categorycode is="hrEduPersongroupmember" >IMP</categorycode>
> >
> > <dateofbirth is="hredupersondateofbirth" ></dateofbirth>
> > <sex is="ffzg-spol" ></sex>
> > <phone is="ffzg-tel_fixed"></phone>
> > <mobile is="ffzg-tel_mobile"></mobile>
> >
> > <dateexpiry is="hredupersonexpiredate">2012-12-23</dateexpiry>
> >
> > <JMBG is="hrEduPersonUniqueNumber_JMBG"></JMBG>
> > <OIB is="hrEduPersonOIB"></OIB>
> >
> > </mapping>
> > </ldapserver>
> >
> > This configuration works with changes in bug 4994, otherwise
> > everything inside is=""
> > would have to be lowercase only.
> >
> > We are using few of HrEdu* attributes which are specific to our national
> > LDAP
> > schema, and probably unusual combination of replication (to create users
> > who
> > logged in first time over web) without update (since we will edit 
> patron's
> > data
> > locally, and then our data will be more current that LDAP data, so we
> > don't want
> > to overwrite it).
> >
> > Hope this helps.
> >
> > 1: http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=4994
> >
> > --
> >  ...2share!2flame... http://blog.rot13.org
> > _______________________________________________
> > Koha mailing list  http://koha-community.org
> > Koha at lists.katipo.co.nz <mailto:Koha at lists.katipo.co.nz>
> > http://lists.katipo.co.nz/mailman/listinfo/koha
> >
> >
> -- 
>
>
>
>



More information about the Koha mailing list