[Koha] difficulties authenticating after samba/openldap -> samba4 AD migration

chrisc at catalyst.net.nz chrisc at catalyst.net.nz
Wed Apr 2 12:58:55 NZDT 2014


Hi Mourik

I asked Andrew Bartlett, one of my colleagues here at Catalyst and a
Samba developer about the issue, here is what he said

----- Forwarded message from Andrew Bartlett  -----


The key differences between OpenLDAP as traditionally deployed and AD 
as
traditionally deployed is not just the schema, but also that
authentication is required for searches.  (here needed to map between
the user's username and their DN for the simple bind).

However, there is a way around that, because AD is smart, and allows 
all
sorts of things that are not a DN to be the 'bind DN', you can bind to
LDAP as user at REALM or NT4DOM\username for example.

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          
http://catalyst.net.nz/services/samba

----- End forwarded message -----



More information about the Koha mailing list