[Koha-devel] Koha3.0 against Active Directory
Michael Hafen
mdhafen at tech.washk12.org
Fri Sep 26 17:51:13 CEST 2008
> > problem is that auth_with_ldap.pm expects an attribute with password
> > stored in the plain,
>
> i don't think so! can you imagine a password stored in plain in a modern
> and secure system? i think that the current code expect that the plain
> text used for comparaison will be encrypted by the server.
>
I read somewhere recently that having the password in the plain is
actually part of the LDAP spec. I think it was because the open source
LDAP server, slapd, was going to move to having a very secured attribute
holding the clear text password. It's been long enough that I don't
remember the specifics now.
> > $db->unbind;
> > $db->disconnect();
> > $db = Net::LDAP->new( [$prefhost] );
>
> why unbind ? you'll loose the benefit of mod_ldap cached data.
>
> $dbuser = Net::LDAP->new( [$prefhost] );
>
Yes, this is a good point. That's a much better way to do it. Just
replace $db with $dbuser in the code from my previous email and ignore
the unbind/disconnect calls entirely.
Thanks.
More information about the Koha-devel
mailing list