Usually, in AD, the beginning of the principal name is the same as the
sAMAccountName. Have you tried that in the mapping for userid?

On Tue, May 5, 2015 at 4:37 AM, KIS ISM <i...@kis.in> wrote:

>  Hi,
>
>
>
> I’m having such a hard time to get ldap with AD (on Windows Server 2012
> R2) to work – now trying on 3.18.3
>
>
>
> Koha login does see whether username/password is correct but exits with
> error on correct username/password.
>
>
>
> Yes, I changed <userid is="cn"></userid>  and 
> <principal_name>%s...@kis.in</principal_name>
> to all the different variations I did find on the net. No success.
>
> Does anyone have any ideas?
>
>
>
> Rudy Wuthrich, Kodaikanal International School
>
>
>
> This is my ldap part from koha-config.xml
>
>
>
> <useldapserver>1</useldapserver><!-- see C4::Auth_with_ldap for extra
> configs you must add if you want to turn this on -->
>
> <ldapserver id="ldapserver"  listenref="ldapserver">
>
> <hostname>ldaps://serad1.kis.in</hostname>
>
> <base>OU=KISaaaa,OU=KISbbbb,DC=kis,DC=in</base>
>
> <user>CN=ldapuser,DC=kis,DC=in</user>
>
> <pass>password</pass>
>
> <replicate>1</replicate>
>
> <update>1</update>
>
> <auth_by_bind>1</auth_by_bind>
>
> <principal_name>%s...@kis.in</principal_name>
>
>
>
> <mapping>
>
> <firstname    is="givenname"></firstname>
>
> <surname      is="sn"> </surname>
>
> <address      is="">KIS</address>
>
> <userid       is="cn"></userid>
>
> <password     is=""></password>
>
> <email        is="mail"></email>
>
> <phone        is=""></phone>
>
> </mapping>
>
>
>
> Here is what happens:
>
>
>
> When I try with wrong username/password
>
> → You entered an incorrect
>
>
>
> With correct username/password
> Software error:
>
> LDAP search failed to return object : 0000208D: NameErr: DSID-03100238, 
> problem 2001 (NO_OBJECT), data 0, best match of:
>
>             'OU=KISStaff,DC=kis,DC=in'
>
>  at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 92.
>
> For help, please send mail to the webmaster ([no address given]), giving
> this error message and the time and date of the error.
>
> And from the opac-error.log
>
> [Tue May 05 15:57:37 2015] [error] [client 172.16.98.24] [Tue May  5
> 15:57:37 2015] opac-user.pl: LDAP search failed to return object :
> 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
> match of:, referer: http://172.16.60.73:8000/cgi-bin/koha/opac-user.pl
>
> [Tue May 05 15:57:37 2015] [error] [client 172.16.98.24] [Tue May  5
> 15:57:37 2015] opac-user.pl: \t'OU=KISStaff,DC=kis,DC=in', referer:
> http://172.16.60.73:8000/cgi-bin/koha/opac-user.pl
>
> [Tue May 05 15:57:37 2015] [error] [client 172.16.98.24] [Tue May  5
> 15:57:37 2015] opac-user.pl: , referer:
> http://172.16.60.73:8000/cgi-bin/koha/opac-user.pl
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel@lists.koha-community.org
> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/
> git : http://git.koha-community.org/
> bugs : http://bugs.koha-community.org/
>



-- 
Michael Hafen
Washington County School District Technology Department
Systems Analyst
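
An added example, not part of the original thread or of Koha's code: it reassembles the AD NameErr that Apache splits across error-log lines and compares the "best match of" DN (the deepest entry the directory could resolve) with a configured search base. The log lines, addresses and DNs are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the shape of the opac-error.log lines quoted above;
# Apache writes each line of the multi-line LDAP error as its own log line.
SAMPLE_LOG = r"""
[Tue May 05 15:57:37 2015] [error] [client 192.0.2.10] opac-user.pl: LDAP search failed to return object : 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:, referer: http://192.0.2.20/cgi-bin/koha/opac-user.pl
[Tue May 05 15:57:37 2015] [error] [client 192.0.2.10] opac-user.pl: \t'OU=Staff,DC=example,DC=org', referer: http://192.0.2.20/cgi-bin/koha/opac-user.pl
"""

# Message part of each log line, between the script name and the referer.
MSG = re.compile(r"opac-user\.pl: (.*?), referer:")
# AD extended error: hex code, problem number and name, then the matched DN.
ERR = re.compile(r"(?P<code>[0-9A-F]{8}): NameErr: .*?problem (?P<problem>\d+) "
                 r"\((?P<name>\w+)\).*?best match of:\s*(?:\\t)?'(?P<dn>[^']*)'")

def rdns(dn):
    """Split a DN into case-folded RDNs, honouring backslash-escaped commas."""
    return [p.strip().casefold() for p in re.split(r"(?<!\\),", dn) if p.strip()]

def parse_name_error(log_text):
    """Rejoin the split log lines and extract the NameErr fields, or None."""
    message = " ".join(MSG.findall(log_text))
    m = ERR.search(message)
    return m.groupdict() if m else None

def unresolved_rdns(base_dn, best_match_dn):
    """Return the leading RDNs of base_dn that sit below best_match_dn,
    or None when base_dn is not located under best_match_dn at all."""
    base, match = rdns(base_dn), rdns(best_match_dn)
    if len(match) > len(base) or base[len(base) - len(match):] != match:
        return None
    return base[:len(base) - len(match)]

if __name__ == "__main__":
    err = parse_name_error(SAMPLE_LOG)
    configured_base = "OU=Library,OU=Staff,DC=example,DC=org"  # constructed <base>
    print(err)
    print("unresolved:", unresolved_rdns(configured_base, err["dn"]))
```

A non-empty result names the components of the search base that the directory could not find beneath the best-match entry; `None` means the base is in a different subtree altogether.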
