I know very little perl, so I'm unsure of the syntax for single, double or no quotes for variables: Test 1: Either $userldapentry->exists("$uid_field"); or $userldapentry->exists($uid_field); Global symbol "$uid_field" requires explicit package name at /home/koha/kohaclone/C4/Auth_with_ldap.pm line 168, <DATA> line 253 Test 2: $userldapentry->exists('$uid_field'); Can't call method "exists" on an undefined value at /home/koha/kohaclone/C4/Auth_with_ldap.pm line 168, <DATA> line 253. James On Fri, Jul 17, 2009 at 12:24 PM, Michael Hafen<mdhafen@tech.washk12.org> wrote:
I'm not sure. Maybe if you changed the exists() call from 'uid' to "$uid_field". Maybe that would still init the attrs hash. Can you try that?
On Fri, 2009-07-17 at 12:05 -0500, Library Guy wrote:
I will check with our I.T. but I am not hopeful. What would it take for Auth_with_ldap.pm to be modified to circumvent this, such as using sAMAcountName? Is it that simple?
James
On Fri, Jul 17, 2009 at 11:47 AM, Michael Hafen<mdhafen@tech.washk12.org> wrote:
Of course, why didn't I see that before. Of course AD doesn't have the uid attribute.
There is a free download from Microsoft, Services For Unix, which adds this and a few other attributes. Look into that.
On Fri, 2009-07-17 at 11:41 -0500, Library Guy wrote:
Ben, I'm testing the latest dev (3.01.00.037). LDAP authentication against our MS AD LDAP works properly using auth_by_bind, but if I enable either <replicate> or <update>, as soon as a new patron is authenticated Koha produces this error:
Can't call method "exists" on an undefined value at /home/koha/kohaclone/C4/Auth_with_ldap.pm line 168, <DATA> line 253.
The offending line 168 in Auth_with_ldap.pm is:
$userldapentry->exists('uid'); # This is bad, but required! By side-effect, this initializes the attrs hash.
I suspect it has something to do with uid not being a part of our schema, but I don't know where to go from here or how to help the developers address it.
Thanks!
James
On Wed, Jul 15, 2009 at 8:06 PM, Ben Finney<ben+koha@benfinney.id.au> wrote:
Dobrica Pavlinusic <dpavlin@rot13.org> writes:
Idea is simple: instead of having single administrative user which can do LDAP compare to check password, we just bind as user who is trying to login.
Yes, this is the correct way to authenticate against an LDAP directory. As you say, it requires no privileged access to the directory beyond that granted to the authenticating user.
This normal behaviour (bind as authenticating user) is available in the current development tree of Koha 3.x, and is not yet in any stable release TTBOMK.
-- \ Rommel: “Don't move, or I'll turn the key on this can of Spam!” | `\ —The Goon Show, _Rommel's Treasure_ | _o__) | Ben Finney
_______________________________________________ Koha-devel mailing list Koha-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/koha-devel _______________________________________________ Koha-devel mailing list Koha-devel@lists.koha.org http://lists.koha.org/mailman/listinfo/koha-devel
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha.org http://lists.koha.org/mailman/listinfo/koha-devel -- Michael Hafen Systems Analyst and Programmer Washington County School District Utah, USA
for Koha checkout http://development.washk12.org/gitweb/ or git://development.washk12.org/koha
-- Michael Hafen Systems Analyst and Programmer Washington County School District Utah, USA
for Koha checkout http://development.washk12.org/gitweb/ or git://development.washk12.org/koha