[Koha-bugs] [Bug 31596] New: LDAP ACTIVE DIRECTORY with different domain suffix
bugzilla-daemon at bugs.koha-community.org
Thu Sep 22 06:49:14 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31596
Bug ID: 31596
Summary: LDAP ACTIVE DIRECTORY with different domain suffix
Change sponsored?: ---
Product: Koha
Version: unspecified
Hardware: Other
OS: Linux
Status: NEW
Severity: blocker
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: hamsiah at interxs.com.my
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
Koha version: 18.11.13.000
OS version ('uname -a'): Linux 3.16.0-6-amd64 #1 SMP Debian 3.16.57-2 (2018-07-14) x86_64
Hi,
I have successfully connected KOHA with ACTIVE DIRECTORY for staff. However, if I
want to authenticate a student, the login fails due to a different domain suffix.
This is my working ldap-activedirectory authentication:
------------------------------------------------------------
<useldapserver>1</useldapserver>
<ldapserver id="ldapserver" listenref="ldapserver">
  <hostname>ldap://ldaphostname:389</hostname>
  <base>OU=Staf,OU=Student,OU=User,OU=uuu,DC=dc,DC=local</base>
  <replicate>0</replicate>
  <update>0</update>
  <auth_by_bind>1</auth_by_bind>
  <anonymous_bind>0</anonymous_bind>
  <principal_name>%s@uuu.edu.my</principal_name>
  <update_password>0</update_password>
  <mapping>
    <userid is="CN" ></userid>
  </mapping>
</ldapserver>
-------------------------------------------------------------
This config is already working smoothly. But since the STUDENT's email has a
different domain suffix, such as %s@student.uuu.edu.my, the login
fails.
Is there a way to combine multiple principal_name values to make this work? I have
read other bugs that said multiple ldapserver is not developed. In this case,
it's not multiple ldapserver because it has the same hostname and details. Only
the domain in principal_name is different.
-------------------------------------------------------------
The error I get when a student logs in is:
>> LDAP bind failed as kohauser MA19126: LDAP error #49: LDAP_INVALID_CREDENTIALS
>> The wrong password was supplied or the SASL credentials could not be processed