[Koha-devel] LDAP configuration in Koha3.0 on Linux

Fri Jul 17 21:37:41 CEST 2009

Ah, OK.  So is this an unsolvable problem (using <replicate> and/or
<update> with MS LDAP) or is there hope?

Thanks!

James

On Fri, Jul 17, 2009 at 2:22 PM, Joe Atzberger<ohiocore at gmail.com> wrote:
> Single quotes block variable interpolation, so you wouldn't want to use
> them.  The 2nd problem there is that $userldapentry is undefined, so it
> doesn't matter what you are going to pass to exists(), it will still break.
> --
> Joe Atzberger
> LibLime - Open Source Library Solutions
>
> On Fri, Jul 17, 2009 at 2:31 PM, Library Guy <library.guy.zero at gmail.com>
> wrote:
>>
>> I know very little perl, so I'm unsure of the syntax for single,
>> double or no quotes for variables:
>>
>> Test 1:
>>
>> Either    $userldapentry->exists("$uid_field");   or
>> $userldapentry->exists($uid_field);
>>
>> Global symbol "$uid_field" requires explicit package name at
>> /home/koha/kohaclone/C4/Auth_with_ldap.pm line 168, <DATA> line 253
>>
>>
>> Test 2:
>>
>> $userldapentry->exists('$uid_field');
>>
>> Can't call method "exists" on an undefined value at
>> /home/koha/kohaclone/C4/Auth_with_ldap.pm line 168, <DATA> line 253.
>>
>> James
>>
>>
>> On Fri, Jul 17, 2009 at 12:24 PM, Michael Hafen<mdhafen at tech.washk12.org>
>> wrote:
>> > I'm not sure.  Maybe if you changed the exists() call from 'uid' to
>> > "$uid_field".  Maybe that would still init the attrs hash.  Can you try
>> > that?
>> >
>> > On Fri, 2009-07-17 at 12:05 -0500, Library Guy wrote:
>> >> I will check with our I.T. but I am not hopeful.  What would it take
>> >> for Auth_with_ldap.pm to be modified to circumvent this, such as using
>> >> sAMAcountName? Is it that simple?
>> >>
>> >> James
>> >>
>> >> On Fri, Jul 17, 2009 at 11:47 AM, Michael
>> >> Hafen<mdhafen at tech.washk12.org> wrote:
>> >> > Of course, why didn't I see that before.  Of course AD doesn't have
>> >> > the
>> >> > uid attribute.
>> >> >
>> >> > There is a free download from Microsoft, Services For Unix, which
>> >> > adds
>> >> > this and a few other attributes.  Look into that.
>> >> >
>> >> > On Fri, 2009-07-17 at 11:41 -0500, Library Guy wrote:
>> >> >> Ben, I'm testing the latest dev (3.01.00.037).  LDAP authentication
>> >> >> against our MS AD LDAP works properly using auth_by_bind, but if I
>> >> >> enable either  <replicate> or <update>, as soon as a new patron is
>> >> >> authenticated Koha produces this error:
>> >> >>
>> >> >> Can't call method "exists" on an undefined value at
>> >> >> /home/koha/kohaclone/C4/Auth_with_ldap.pm line 168, <DATA> line 253.
>> >> >>
>> >> >> The offending line 168 in Auth_with_ldap.pm is:
>> >> >>
>> >> >> $userldapentry->exists('uid');  # This is bad, but required!  By
>> >> >> side-effect, this initializes the attrs hash.
>> >> >>
>> >> >> I suspect it has something to do with uid not being a part of our
>> >> >> schema, but I don't know where to go from here or how to help the
>> >> >> developers address it.
>> >> >>
>> >> >> Thanks!
>> >> >>
>> >> >> James
>> >> >>
>> >> >>
>> >> >> On Wed, Jul 15, 2009 at 8:06 PM, Ben
>> >> >> Finney<ben+koha at benfinney.id.au> wrote:
>> >> >> > Dobrica Pavlinusic <dpavlin at rot13.org>
>> >> >> > writes:
>> >> >> >
>> >> >> >> Idea is simple: instead of having single administrative user
>> >> >> >> which can
>> >> >> >> do LDAP compare to check password, we just bind as user who is
>> >> >> >> trying
>> >> >> >> to login.
>> >> >> >
>> >> >> > Yes, this is the correct way to authenticate against an LDAP
>> >> >> > directory.
>> >> >> > As you say, it requires no privileged access to the directory
>> >> >> > beyond
>> >> >> > that granted to the authenticating user.
>> >> >> >
>> >> >> > This normal behaviour (bind as authenticating user) is available
>> >> >> > in the
>> >> >> > current development tree of Koha 3.x, and is not yet in any stable
>> >> >> > release TTBOMK.
>> >> >> >
>> >> >> > --
>> >> >> >  \     Rommel: “Don't move, or I'll turn the key on this can of
>> >> >> > Spam!” |
>> >> >> >  `\                               —The Goon Show, _Rommel's
>> >> >> > Treasure_ |
>> >> >> > _o__)
>> >> >> >      |
>> >> >> > Ben Finney
>
>
>