[Koha] Ldap + Active Directory

Licensing Licensing at high-voltage.com
Wed Jul 13 23:16:52 NZST 2011


*** Re-Posting ***


We have not had any responses to our request for help to date.


Has anyone else run into this?

Is there a sample config someone is willing to share?



Thanking you in advance,



________________________________________
From: koha-bounces at lists.katipo.co.nz [koha-bounces at lists.katipo.co.nz] on behalf of bash-fu34 [licensing at high-voltage.com]
Sent: Tuesday, June 28, 2011 6:37 PM
To: koha at lists.katipo.co.nz
Subject: [Koha] Ldap + Active Directory

Firstly, thank you for the awesome Debian documentation! I got this far with
no trouble at all.

When I log into OPAC with an AD account I am told "You entered an incorrect
username or password. Please try again! And remember, usernames and
passwords are case sensitive."

Here is some information regarding my environment (real names hidden to
protect the innocent):

Koha version:   3.05.00.001
Debian Squeeze
DebugLevel set to 2
Windows Server 2008 r2

koha-conf.xml (ldap section)

 <useldapserver>1</useldapserver>
  <ldapserver id="ldapserver">
    <hostname>DOM.TLD</hostname>
    <base>CN=USERS,DC=DOM,DC=TLD</base>
    <user>cn=USERS,dc=DOM,dc=TLD</user>
    <pass>PASSWD</pass>
    <replicate>0</replicate>
    <update>0</update>
    <auth_by_bind>1</auth_by_bind>
    <principal_name>%s at DOM.TLD</principal_name>
    <mapping>
      <firstname    is="givenname"      ></firstname>
      <surname      is="sn"             ></surname>
      <address      is="postaladdress"  ></address>
      <city         is=""               >CITY, ST</city>
      <zipcode      is="postalcode"     ></zipcode-->
      <branchcode   is="branch"         >MAIN</branchcode>
      <branchcode   is=""         ></branchcode>
      <userid       is="samaccountname" ></userid>
      <password     is="userpassword"   ></password>

      <categorycode is="employeetype"   >PT</categorycode>
      <categorycode is=""   >PT</categorycode>
      <phone        is="telephonenumber"></phone>
    </mapping>
  </ldapserver>

I have tried enabling replicate and/or update, when I do I see the following
error:


 Can't call method "exists" on an undefined value at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 168, <DATA> line 522.


Line 168 contains:

 $userldapentry->exists('uid');

I've tried changing 'uid' to 'samaccount' since that's what I have in our
schema but the error is the same.

I see that one user was able to get AD working by editing the
Auth_with_ldap.pm file:

http://lists.katipo.co.nz/public/koha/2009-May/018547.html

The page he links to does not seem to be available at the moment, not even a
google-cached version. When I make the edits that he mentions Koha will not
even load and I get this error:


 Software error:

 Global symbol "$res" requires explicit package name at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 141, <DATA> line 522.
 Global symbol "$res" requires explicit package name at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 142, <DATA> line 522.
 Global symbol "$res" requires explicit package name at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 143, <DATA> line 522.
 Compilation failed in require at /usr/share/koha/lib/C4/Auth.pm line 50,
<DATA> line 522.
 BEGIN failed--compilation aborted at /usr/share/koha/lib/C4/Auth.pm line
67, <DATA> line 522.
 Compilation failed in require at
/usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 25, <DATA> line 522.
 BEGIN failed--compilation aborted at
/usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 25, <DATA> line 522.


I have spent most of the day reading through any and all Ldap/AD-related
posts on the Koha mailing lists but I don't see anything that stands out as
what I am doing wrong or that applies to my situation.

Is there some other way to get more verbose feedback, or perhaps something
that should be done differently for Server 2008?

Thanks for reading :-)

--
View this message in context: http://koha.1045719.n5.nabble.com/Ldap-Active-Directory-tp4533702p4533702.html
Sent from the Koha - Discuss mailing list archive at Nabble.com.
_______________________________________________
Koha mailing list  http://koha-community.org
Koha at lists.katipo.co.nz
http://lists.katipo.co.nz/mailman/listinfo/koha


More information about the Koha mailing list