[Koha-bugs] [Bug 7973] Allow for new type of LDAP authentication

bugzilla-daemon at bugs.koha-community.org
Thu May 30 23:37:55 CEST 2013


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7973

--- Comment #19 from Chris Cormack <chris at bigballofwax.co.nz> ---
(In reply to comment #18)
> I believe this change has broken ldap for me. I'm new to this so please
> correct me if I'm wrong.
> 
> As stated the new way to authenticate in Koha 4.12 seems to work like this:
> 1 - LDAP anonymous bind;
> 2 - LDAP search entry for the given username;
> 3 - LDAP bind with the DN of the found entry + the given password.
> 
3.12 right?

> In my case with Active Directory it's possible to bind anonymously but the
> anon user is not allowed to search. So I get something like this in step 2.
> 
> (sAMAccountName=dburke) gets 0 hits,
> 
> I reverted the patch and it works again. I also had to remove a return 0; on
> line 130 of Auth_with_ldap.pm. Not sure what this is about.
> 
> I suspect this would break a good number of ldap set ups. I know Zentyal
> 3.0's openldap schema follows the same behavior of not allowing anon users
> to search.

That sounds like a real valid issue, could you please open a new bug with this
bug report (I'd mark it critical, maybe even blocker)

And as much information as you can.

My suggestion for a patch to fix it would be to make the new behaviour
configurable in the koha-conf.xml so that it can be turned on for those who
want it, and off for those like yourself that it breaks.

It would be even more awesome if you could write that patch. I would buy you a
beverage of your choice at KohaCon.

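Added example, not part of the original message and not Koha's code: a small in-memory model of the three-step flow quoted above, showing why it fails when anonymous search is denied and how a configuration switch restores the direct bind. `FakeDirectory`, the `search_then_bind` and `dn_template` settings, the DNs and the password are all hypothetical or constructed; only the username comes from the thread.

```python
# Added example: constructed in-memory model, no real LDAP traffic is sent.
from dataclasses import dataclass

@dataclass
class FakeDirectory:                      # hypothetical stand-in for an LDAP server
    entries: dict                         # DN -> attributes (constructed sample data)
    anon_can_search: bool                 # False models the AD / Zentyal setups

    def bind(self, dn=None, password=None):
        if dn is None:
            return "anonymous"            # the anonymous bind itself is accepted
        entry = self.entries.get(dn)
        return dn if entry and entry["password"] == password else None

    def search(self, bound_as, username):
        if bound_as == "anonymous" and not self.anon_can_search:
            return []                     # the "gets 0 hits" case
        return [dn for dn, e in self.entries.items()
                if e["sAMAccountName"] == username]

def search_then_bind(directory, username, password):
    session = directory.bind()                            # step 1
    hits = directory.search(session, username)            # step 2
    if len(hits) != 1:                                    # 0 hits or ambiguous: deny
        return False
    return directory.bind(hits[0], password) is not None  # step 3

def direct_bind(directory, username, password, dn_template):
    if any(c in username for c in ',+"\\<>;=#'):          # refuse DN metacharacters
        return False
    dn = dn_template.format(user=username)
    return directory.bind(dn, password) is not None

def authenticate(directory, username, password, conf):
    if not password:      # an empty password is an unauthenticated bind on real servers
        return False
    if conf.get("search_then_bind"):                      # hypothetical switch name
        return search_then_bind(directory, username, password)
    return direct_bind(directory, username, password, conf["dn_template"])

USERS = {"CN=dburke,CN=Users,DC=example,DC=org":
         {"sAMAccountName": "dburke", "password": "constructed-pw"}}
TEMPLATE = "CN={user},CN=Users,DC=example,DC=org"
OPEN_DIR = FakeDirectory(USERS, anon_can_search=True)
AD_LIKE = FakeDirectory(USERS, anon_can_search=False)

if __name__ == "__main__":
    for name, d in (("open", OPEN_DIR), ("ad-like", AD_LIKE)):
        print(name, authenticate(d, "dburke", "constructed-pw", {"search_then_bind": True}))
```
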

