[Koha-bugs] [Bug 31596] New: LDAP ACTIVE DIRECTORY with different domain suffix

Wed, 21 Sep 2022 21:49:19 -0700 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31596

            Bug ID: 31596
           Summary: LDAP ACTIVE DIRECTORY with different domain suffix
 Change sponsored?: ---
           Product: Koha
           Version: unspecified
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: blocker
          Priority: P5 - low
         Component: Authentication
          Assignee: [email protected]
          Reporter: [email protected]
        QA Contact: [email protected]
                CC: [email protected]

Koha version:   18.11.13.000
OS version ('uname -a'): Linux 3.16.0-6-amd64 #1 SMP Debian 3.16.57-2
(2018-07-14) x86_64

Hi,
I have success connecting KOHA with ACTIVE DIRECTORY for staff. However if I
want to authenticate student, login is failed due to different domain suffix.
This is my working ldap-activedirectory authentication. 

------------------------------------------------------------

<useldapserver>1</useldapserver>
  <ldapserver id="ldapserver" listenref="ldapserver">
  <hostname>ldap://ldaphostname:389</hostname>
  <base>OU=Staf,OU=Student,OU=User,OU=uuu,DC=dc,DC=local</base>
  <replicate>0</replicate>
  <update>0</update>
  <auth_by_bind>1</auth_by_bind>
  <anonymous_bind>0</anonymous_bind>
  <principal_name>%[email protected]</principal_name>
  <update_password>0</update_password>
  <mapping>
      <userid       is="CN"        ></userid>
  </mapping>
  </ldapserver>

-------------------------------------------------------------

This config is already working smoothly. But since STUDENT's email has
different suffix domain such as %[email protected], hence the login is
failed. 

Is there a way to combine multiple principal_name to make this work? I have
read other bugs that said multiple ldapserver is not developed. In this case,
it's not multiple ldapserver cause it has the same hostname and details. Only
the domain in principal_name is different.

-------------------------------------------------------------

The error I got when student is logged in is:
>> LDAP bind failed as kohauser MA19126: LDAP error #49: 
>> LDAP_INVALID_CREDENTIALS
>> The wrong password was supplied or the SASL credentials could not be 
>> processed

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

Reply via email to