Hello, we have a Koha installation and would like to connect to our OpenLDAP server, but I can't get it to work.
First our Koha setup:

> OS: debian wheezy
> Koha: 3.20.02

Connecting to ldap-server works fine but the password comparison fails with the following error (tested in the console but also fails in the web gui; also given password is correct):

> root@biblio:/etc/koha/sites/MY_SITE# env PERL5LIB=/usr/share/koha/lib KOHA_CONF=/etc/koha/sites/MY_SITE/koha-conf.xml perl /usr/share/koha/opac/cgi-bin/opac/opac-user.pl userid=MY_MAIL_NAME@MY_ORG.org password=MY_PASSWORD. | head -5
> Got 2 ldap mapkeys ( total ): userid
> Got 2 ldap mapkeys (populated): userid
> Checking Auth at /usr/share/koha/lib/C4/Auth.pm line 703, <DATA> line 558.
> kohaversion : 3.2002000
> ## checkpw - checking LDAP
> LDAP Auth rejected : invalid password for user 'MY_MAIL_NAME@MY_ORG.org'. LDAP error #5: LDAP_COMPARE_FALSE
> # This code is returned when a compare request completes and the attribute value given is not in the entry specified
>
> Login failed, resetting anonymous session... at /usr/share/koha/lib/C4/Auth.pm line 1107, <DATA> line 595.

Configuration in koha-conf.xml, see below. Our ldap-server uses SSHA as password scheme. Could this be the problem? How can I solve it? Can't find much useful when searching the internet for the problem.

Thanks and best wishes
Uwe

> <useldapserver>1</useldapserver> <!-- see C4::Auth_with_ldap for extra configs you must add if you want to turn this on -->
>
> <!-- LDAP SERVER (optional) -->
>
> <ldapserver id="ldapserver" listenref="ldapserver">
>   <hostname>MY_LDAP_SERVER</hostname>
>   <base>ou=id,dc=MY_ORG,dc=org</base>
>   <user>cn=biblio,ou=daemons,dc=MY_ORG,dc=org</user> <!-- DN, if not anonymous -->
>   <pass>MY_SECRET_PASSWORD</pass> <!-- password, if not anonymous -->
>   <replicate>0</replicate> <!-- add new users from LDAP to Koha database -->
>   <update>0</update> <!-- update existing users in Koha database -->
>   <anonymous_bind>0</anonymous_bind>
>   <auth_by_bind>0</auth_by_bind> <!-- set to 1 to authenticate by binding instead of password comparison, e.g., to use Active Directory -->
>   <!--<principal_name>%s@MY_ORG.org</principal_name>-->
>   <mapping> <!-- match koha SQL field names to your LDAP record field names -->
>     <!--<firstname is="firstname"></firstname>
>     <surname is="surname"></surname>
>     <address is="postaladdress">hier</address>
>     <city is="l">Berlin</city>
>     <zipcode is="postalcode">1000</zipcode>
>     <branchcode is="businesscategory"></branchcode> -->
>     <userid is="uid"></userid>
>     <!--<password is="USER_PASSWORD"></password>
>     <email is="mail"></email>
>     <categorycode is="employeetype">PT</categorycode>
>     <phone is="telephonenumber">11111</phone>
>     <flags is="flags">2</flags> -->
>   </mapping>
> </ldapserver>

(hint: some private data is anonymized with large letters)

_______________________________________________
Koha mailing list http://koha-community.org
Koha@lists.katipo.co.nz
https://lists.katipo.co.nz/mailman/listinfo/koha
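
Added example (not part of the original post, and not Koha or OpenLDAP code): a Python model of the two checks named in the koha-conf.xml comment on auth_by_bind, password comparison versus bind, run against a {SSHA} userPassword value. It assumes the compare request is a literal octet-string match, which is consistent with the LDAP_COMPARE_FALSE above; the password and salts are constructed sample values.

```python
import base64
import hashlib
import hmac

SHA1_LEN = 20  # size of a SHA-1 digest in bytes


def make_ssha(password: bytes, salt: bytes) -> str:
    """Build a {SSHA} value: base64(SHA-1(password + salt) + salt)."""
    digest = hashlib.sha1(password + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def literal_compare(stored: str, supplied: bytes) -> bool:
    """Model of the compare path (assumption): byte equality, no hashing."""
    return hmac.compare_digest(stored.encode("ascii"), supplied)


def verify_ssha(stored: str, supplied: bytes) -> bool:
    """Model of the bind path: re-hash the supplied password with the stored salt."""
    if not stored.startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[len("{SSHA}"):], validate=True)
    except ValueError:  # malformed base64
        return False
    if len(raw) <= SHA1_LEN:  # no salt present, not a valid {SSHA} value
        return False
    digest, salt = raw[:SHA1_LEN], raw[SHA1_LEN:]
    return hmac.compare_digest(digest, hashlib.sha1(supplied + salt).digest())


# Constructed sample data, not taken from the post.
SAMPLE_PASSWORD = b"constructed-password"
STORED = make_ssha(SAMPLE_PASSWORD, b"\x01\x02\x03\x04")

if __name__ == "__main__":
    print("stored userPassword :", STORED)
    # Cleartext never equals the salted hash string.
    print("literal compare     :", literal_compare(STORED, SAMPLE_PASSWORD))
    # A client-side hash with a different salt does not match either.
    rehashed = make_ssha(SAMPLE_PASSWORD, b"\xaa\xbb\xcc\xdd")
    print("client-side re-hash :", literal_compare(STORED, rehashed.encode()))
    # Only a check that reuses the stored salt can succeed.
    print("bind-style verify   :", verify_ssha(STORED, SAMPLE_PASSWORD))
```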