[Koha-bugs] [Bug 7973] Allow for new type of LDAP authentication

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu May 30 22:36:49 CEST 2013


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7973

David Burke <dmbst32 at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dmbst32 at gmail.com

--- Comment #18 from David Burke <dmbst32 at gmail.com> ---
I believe this change has broken ldap for me. I'm new to this so please correct
me if I'm wrong.

As stated the new way to authenticate in Koha 4.12 seems to work like this:
1 - LDAP anonymous bind;
2 - LDAP search entry for the given username;
3 - LDAP bind with the DN of the found entry + the given password.

In my case with Active Directory it's possible to bind anonymously but the anon
user is not allowed to search. So I get something like this in step 2.

(sAMAccountName=dburke) gets 0 hits,

I reverted the patch and it works again. I also had to remove a return 0; on
line 130 of Auth_with_ldap.pm. Not sure what this is about.

I suspect this would break a good number of ldap setups. I know Zentyal 3.0's
openldap schema follows the same behavior of not allowing anon users to search.

-- 
You are receiving this mail because:
You are watching all bug changes.
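
The three-step search-then-bind flow described in the comment above, as an added example that is not part of the original message and is not Koha's code. It uses a constructed in-memory directory model (the `Directory` class, the DN and the password are assumptions) to show why an anonymous session without search rights yields "0 hits", and two checks the flow needs: fail closed unless exactly one entry matches, and reject empty passwords.

```python
# Constructed in-memory model of a directory; not Koha code and not a real LDAP client.
class Directory:
    def __init__(self, entries, anon_can_search):
        self.entries = entries            # DN -> {"sAMAccountName": ..., "password": ...}
        self.anon_can_search = anon_can_search

    def bind(self, dn="", password=""):
        """Return the session identity, or None if the bind is refused."""
        if dn == "" or password == "":
            # An empty DN is an anonymous bind. A DN with an empty password is an
            # "unauthenticated bind" (RFC 4513, 5.1.2) and also yields an anonymous session.
            return "anonymous"
        entry = self.entries.get(dn)
        return dn if entry and entry["password"] == password else None

    def search(self, identity, attr, value):
        """Return matching DNs; a session without search rights simply sees nothing."""
        if identity is None or (identity == "anonymous" and not self.anon_can_search):
            return []
        return [dn for dn, e in self.entries.items() if e.get(attr) == value]


def authenticate(directory, username, password):
    """Search-then-bind login. Returns (ok, detail)."""
    if not password:
        # Never let an unauthenticated bind count as a successful login.
        return False, "empty password rejected"
    session = directory.bind()                                    # 1 - anonymous bind
    hits = directory.search(session, "sAMAccountName", username)  # 2 - search for the entry
    if len(hits) != 1:                                            # fail closed on 0 or many
        return False, f"search returned {len(hits)} hits"
    if directory.bind(hits[0], password) != hits[0]:              # 3 - bind as the found DN
        return False, "bind as user DN failed"
    return True, hits[0]


ENTRIES = {  # constructed sample data
    "CN=D Burke,OU=Staff,DC=example,DC=org": {"sAMAccountName": "dburke", "password": "s3cret"},
}
open_dir = Directory(ENTRIES, anon_can_search=True)
locked_dir = Directory(ENTRIES, anon_can_search=False)  # the setup described in the comment

if __name__ == "__main__":
    for label, d in (("anon search allowed", open_dir), ("anon search denied", locked_dir)):
        print(label, authenticate(d, "dburke", "s3cret"))
```

In the denied case the correct password never reaches step 3, so the failure looks like an unknown user rather than a permissions problem on the search.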

