[Koha-devel] Koha 3.18 and Ldap with Active Directory not working

Michael Hafen michael.hafen at washk12.org
Tue May 5 18:31:16 CEST 2015 

Usually, in AD, the beginning of the principal name is the same as the
sAMAccountName, have you tried that in the mapping for userid?

On Tue, May 5, 2015 at 4:37 AM, KIS ISM <ISM at kis.in> wrote:

>  Hi,
>
>
>
> I’m having such a hard time to get ldap with AD (on Windows Server 2012
> R2) to work – now trying on 3.18.3
>
>
>
> Koha login does see whether username/password is correct but exists with
> error on correct username/password.
>
>
>
> Yes, I changed <userid is="cn"></userid>  and <principal_name>%s at kis.in</principal_name>
> to all the different variations I did find no the net. No success.
>
> Does anyone have any ideas?
>
>
>
> Rudy Wuthrich, Kodaikanal International School
>
>
>
> This is my ldap part from koha-config.xml
>
>
>
> <useldapserver>1</useldapserver><!-- see C4::Auth_with_ldap for extra
> configs you must add if you want to turn this on -->
>
> <ldapserver id="ldapserver"  listenref="ldapserver">
>
> <hostname>ldaps://serad1.kis.in</hostname>
>
> <base>OU=KISaaaa,OU=KISbbbb,DC=kis,DC=in</base>
>
> <user>CN=ldapuser,DC=kis,DC=in</user>
>
> <pass>password</pass>
>
> <replicate>1</replicate>
>
> <update>1</update>
>
> <auth_by_bind>1</auth_by_bind>
>
> <principal_name>%s at kis.in</principal_name>
>
>
>
> <mapping>
>
> <firstname    is="givenname"></firstname>
>
> <surname      is="sn"> </surname>
>
> <address      is="">KIS</address>
>
> <userid       is="cn"></userid>
>
> <password     is=""></password>
>
> <email        is="mail"></email>
>
> <phone        is=""></phone>
>
> </mapping>
>
>
>
> Here is what happens:
>
>
>
> When I try with wrong username/password
>
> è    You entered an incorrect
>
>
>
> With correct username/password
> Software error:
>
> LDAP search failed to return object : 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
>
>             'OU=KISStaff,DC=kis,DC=in'
>
>  at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 92.
>
> For help, please send mail to the webmaster ([no address given]), giving
> this error message and the time and date of the error.
>
> And from the opac-error.log
>
> [Tue May 05 15:57:37 2015] [error] [client 172.16.98.24] [Tue May  5
> 15:57:37 2015] opac-user.pl: LDAP search failed to return object :
> 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
> match of:, referer: http://172.16.60.73:8000/cgi-bin/koha/opac-user.pl
>
> [Tue May 05 15:57:37 2015] [error] [client 172.16.98.24] [Tue May  5
> 15:57:37 2015] opac-user.pl: \t'OU=KISStaff,DC=kis,DC=in', referer:
> http://172.16.60.73:8000/cgi-bin/koha/opac-user.pl
>
> [Tue May 05 15:57:37 2015] [error] [client 172.16.98.24] [Tue May  5
> 15:57:37 2015] opac-user.pl: , referer:
> http://172.16.60.73:8000/cgi-bin/koha/opac-user.pl
>
> _______________________________________________
> Koha-devel mailing list
> Koha-devel at lists.koha-community.org
> http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
> website : http://www.koha-community.org/
> git : http://git.koha-community.org/
> bugs : http://bugs.koha-community.org/
>



-- 
Michael Hafen
Washington County School District Technology Department
Systems Analyst
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20150505/9de6445c/attachment-0001.html>

More information about the Koha-devel mailing list