http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8993
--- Comment #3 from Julian Maurice <[email protected]> ---
Contents of POD file:

LDAP auth_method configuration

This document is a step-by-step explanation of the new LDAP configuration method. The old one (see C4::Auth_with_ldap) still exists and you should give it a try if your needs of mappings and transformations are low.

What do I have to ask the directory administrator

How to reach the service

What we need is to build the URL of the LDAP service we want to reach. So ask him for the URL. If he doesn't know, ask for the scheme (or protocol), the hostname and the port of the directory. Only hostname and scheme are mandatory. The scheme must be ldap or ldaps (ldaps is for encrypted LDAP, LDAP over SSL).

The URL construction is:

    scheme://hostname:port
    scheme://hostname

examples

    host=directory.example.com
    port=389
    scheme=ldap

gives you:

    ldap://directory.example.com:389

Also: Active Directory (the Microsoft implementation) is an LDAP-like directory, but Koha has to know it's Active Directory to use it, so please ask.

What is the binding method?

Are anonymous users allowed to make some searches on the server? If not, what are the credentials for the koha account? Credentials are a pair (DN, password):

    uid=koha,ou=people,dc=example,dc=com
    MYS3CRET

In Active Directory, it can be a [email protected] with a password:

    [email protected]
    MYS3CRET

Now configure koha

This is a basic example of things you will add in the "/config" part of "koha-conf.xml".
First of all, you need to tell koha that LDAP authentication is now relevant:

    <useldapserver>1</useldapserver>

If you use the anonymous method, you have to give the credentials of the koha account:

    <ldapserver
        url="ldap://directory.example.com"
        manager="uid=koha,ou=people,dc=example,dc=com"
        password="MYS3CRET"
        authmethod="search_dn"
    >

Also, you can set the values for replication and update (documented in the legacy POD):

    <ldapserver
        url="ldap://directory.example.com"
        manager="uid=koha,ou=people,dc=example,dc=com"
        password="MYS3CRET"
        authmethod="search_dn"
        replicate="1"
        update="1"
    >

You must now tell koha the LDAP branches where to find users:

    <useldapserver>1</useldapserver>
    <ldapserver
        url="ldap://directory.example.com"
        manager="uid=koha,ou=people,dc=example,dc=com"
        password="MYS3CRET"
        authmethod="search_dn"
        replicate="1"
        update="1"
    >
    <branch dn="ou=people,dc=site1,dc=example,dc=com" />
    <branch dn="ou=people,dc=site2,dc=example,dc=com" />
    <branch dn="ou=people,dc=site4,dc=example,dc=com" />

The best part of this new config is that you don't have to rely on simple mappings anymore (but you still can): you can use a Perl module to write much more sophisticated transformations directly in Perl:

    <transformation module="C4::LDAPTransform::CustomTransform" />

This module only has to define a subroutine named get_borrower
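An added example, not part of the original comment or of Koha's code: a small Python review script for the `<ldapserver>` settings described above, which builds the URL from scheme, hostname and port and flags a manager password configured for a plain ldap:// bind (sent in cleartext unless the connection is upgraded with StartTLS). It assumes the fragment is wrapped in `<config>` and that `<branch>` elements sit inside a closed `<ldapserver>`; the function names and sample file are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: the page's fragment wrapped in <config>, with
# <ldapserver> closed (the closing tag and nesting are assumptions).
SAMPLE = """
<config>
  <useldapserver>1</useldapserver>
  <ldapserver url="ldap://directory.example.com:389"
              manager="uid=koha,ou=people,dc=example,dc=com"
              password="MYS3CRET" authmethod="search_dn">
    <branch dn="ou=people,dc=site1,dc=example,dc=com" />
    <branch dn="ou=people,dc=site2,dc=example,dc=com" />
  </ldapserver>
</config>
"""

def build_url(scheme, hostname, port=None):
    """scheme://hostname[:port]; only ldap and ldaps are accepted."""
    if scheme not in ("ldap", "ldaps"):
        raise ValueError("scheme must be ldap or ldaps")
    if not hostname:
        raise ValueError("hostname is mandatory")
    return f"{scheme}://{hostname}" + (f":{port}" if port else "")

def review_ldap_config(xml_text):
    """Return a list of findings for the <ldapserver> settings."""
    root = ET.fromstring(xml_text)
    findings = []
    if root.findtext("useldapserver", "").strip() != "1":
        findings.append("useldapserver is not 1: LDAP auth is disabled")
    server = root.find("ldapserver")
    if server is None:
        return findings + ["no <ldapserver> element"]
    url = urlsplit(server.get("url", ""))
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        findings.append("url must be ldap://host[:port] or ldaps://host[:port]")
    has_creds = bool(server.get("manager")) and bool(server.get("password"))
    if url.scheme == "ldap" and has_creds:
        findings.append("manager password is bound over ldap:// (not ldaps)")
    if bool(server.get("manager")) != bool(server.get("password")):
        findings.append("manager and password must be given as a pair")
    if not server.findall("branch"):
        findings.append("no <branch dn=...> to search for users")
    for branch in server.findall("branch"):
        if "=" not in branch.get("dn", ""):
            findings.append(f"branch dn looks malformed: {branch.get('dn')!r}")
    return findings
```
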
