[Koha-devel] Auth With Windows AD
Acty Chen
acty.chen at gmail.com
Mon Jun 19 16:39:04 CEST 2006
Bind as <userid>@abc.corp (the user's own account) instead of using an anonymous bind.
1.
Search for "# LDAP connexion parameters" and set the values as follows:
# LDAP connexion parameters
my $ldapserver = 'dc01.abc.corp ';
# Base DN for users
my $name = "dc=abc,dc=corp";
# Bind uses the users full DN, if uid doesn't work try
my $ldap_binddn = "$userid\@abc.corp";
my $ldap_secret = $password;
my $db = Net::LDAP->new( $ldapserver );
2.
change
my $userdnsearch = $db->search(base => $name,
filter =>"(a-login=$userid)",
);
to
my $userdnsearch = $db->search(base => $name,
filter =>"(sAMAccountName=$userid)",
);
3. Search for "## HACK LMK"
change
if( ( $cmpmesg -> code != 6 ) && ! ( $password eq
"kivabien" ) ) {
warn "LDAP Auth impossible : wrong password";
return 0;
};
to
##if( ( $cmpmesg -> code != 6 ) && ! ( $password eq
"kivabien" ) ) {
## warn "LDAP Auth impossible : wrong password";
## return 0;
##};
<Result>
diff Auth_with_AD.pm Auth_with_ldap.pm
32,33c32,33
< use Net::LDAP;
< use Net::LDAP qw(:all);
---
> # use Net::LDAP;
> # use Net::LDAP qw(:all);
506,514c506,509
< my $ldapserver = 'dc01.abc.corp';
<
< # Base DN for users
< my $name = "dc=abc,dc=corp";
< # Bind uses the users full DN, if uid doesn't work try
<
< my $ldap_binddn = "$userid\@abc.corp";
< my $ldap_secret = $password;
<
---
> my $ldapserver = 'your.ldap.server.com ';
> # Infos to do an anonymous bind
> my $ldapinfos = 'a-section=people,dc=emn,dc=fr ';
> my $name = "a-section=people,dc=emn,dc=fr";
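Review bot: The user's AD password is copied into `$ldap_secret` for a simple bind, and with a bare host name in `$ldapserver` Net::LDAP connects over plain LDAP, so that password would cross the network unencrypted. The `Net::LDAP->new( $ldapserver )` call is outside this hunk; if it stays as shown in step 1 of the message, use an LDAPS URI, `my $ldapserver = 'ldaps://dc01.abc.corp';`, or call `$db->start_tls(verify => 'require');` before the bind. The realm suffix and base DN are hard-coded on the `<` side and would be easier to maintain if read from configuration.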
518,523c513
< my $res =$db->bind($ldap_binddn, password => $ldap_secret);
<
< #if (!defined($db)) {
< # print STDERR "Connection au serveur LDAP impossible!\n";
< # return 0;
< #}
---
> my $res =$db->bind();
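Review bot: The result of `$db->bind($ldap_binddn, password => $ldap_secret)` is stored in `$res` but nothing in this hunk tests it, and the 542,545 hunk comments out the only visible password rejection, so unless `$res->code` is checked in lines not shown, a failed bind would not stop the login. An empty password should also be rejected before the bind, because a simple bind with a DN and no password is an unauthenticated bind that a directory server may answer with success. The `!defined($db)` guard added on the `<` side is commented out and sits after the first use of `$db`; it should be active and placed before the bind. The enclosing sub starts and ends outside the hunk.

```perl
# … unchanged: $ldapserver, $name, $ldap_binddn, $ldap_secret, Net::LDAP->new( $ldapserver ) …
if ( !defined $db ) {
    print STDERR "Connection au serveur LDAP impossible!\n";
    return 0;
}
# An empty password would turn the simple bind into an unauthenticated bind.
return 0 unless defined $password && length $password;
my $res = $db->bind( $ldap_binddn, password => $ldap_secret );
if ( $res->code ) {
    warn "LDAP Auth impossible : wrong password";
    return 0;
}
```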
530c520
< filter =>"(sAMAccountName=$userid)",
---
> filter =>"(a-login=$userid)",
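Review bot: `$userid` is interpolated unescaped into the search filter on the `sAMAccountName` line, so filter metacharacters in a submitted login name alter the query instead of being matched literally. Escape the value with `escape_filter_value` from Net::LDAP::Util: `filter => '(sAMAccountName=' . escape_filter_value($userid) . ')',` together with `use Net::LDAP::Util qw(escape_filter_value);` next to the other Net::LDAP imports. The same value is also placed in `$ldap_binddn` in the 506,514 hunk, so validating the login name once before either use would cover both. The search call starts and ends outside the hunk.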
542,545c532,535
< ###if( ( $cmpmesg -> code != 6 ) && ! ( $password eq
"kivabien" ) ) {
< ### warn "LDAP Auth impossible : wrong password";
< ### return 0;
< ###};
---
> if( ( $cmpmesg -> code != 6 ) && ! ( $password eq
"kivabien" ) ) {
> warn "LDAP Auth impossible : wrong password";
> return 0;
> };
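Review bot: The disabled block on the `<` side still carries the literal `"kivabien"`, a hard-coded password that the original condition lets through regardless of the compare result, so leaving it as `###` comments means a single uncomment brings that bypass back. Delete the lines rather than commenting them out, and put a short comment such as `# password is verified by the LDAP bind above` in their place. That comment is only true once the bind result is actually checked, which this hunk does not show.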