https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28780
Bug ID: 28780
Summary: Auth_with_ldap only searches tree with anon_bind
Change sponsored?: ---
Product: Koha
Version: 21.05
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
Created attachment 123282
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=123282&action=edit
Auth_with_ldap patch to add tree searching wtih service account
If auth_by_bind is set, anonymous_bind is not set, and a 'service' account is
provided (<user> and <pass>), Auth_with_ldap.pm will not use the service
account to search the tree and determine the principal name. Instead it
requires the principal name to be provided in the XML.
This is a problem when users are in multiple OUs - there is no way to provide a
principal name that works for everyone. It is a relatively easy fix - just
adding an elsif to check if a service account is provided, then search the tree
with that.
We have multiple OUs, so I've modified the code and I've provided a patch as a
suggestion. This may not be the ideal fix and it may cause unintended issues
for users who aren't doing auth_by_bind. Would love to see something like this
incorporated into the koha code since I have to re-enable these each time we
update.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
