It's openldap and Koha ver. 3.4.2 -- alen
On 07/01/2011 08:27 AM, Oscar Gaona wrote: > Anybody using Oracle Internet Directory, OID, for Koha-LDAP > authentication? > > Alen,in your case, what is the ldap software? > > > Thanks an regards, > Oscar > > > ------------------------------------------------------------------------ > *From:* alen vodopijevec <[email protected]> > *To:* [email protected] > *Cc:* [email protected]; Oscar Gaona <[email protected]> > *Sent:* Wednesday, June 29, 2011 4:54 PM > *Subject:* Re: [Koha] Share Koha-LDAP conf > > I'm not sure why but I also had to format principal_name in koha-conf.xml > as follows: > -- > <principal_name>uid=%s,dc=irb,dc=hr</principal_name> > -- > > Otherwise it doesn't work with openldap at my institution :/ > > regards, > -- > alen > > > > 2011/6/22 Oscar Gaona <[email protected] <mailto:[email protected]>>: > >> Hi all > >> There are many questions and solutions around Koha-LDAP connection / > >> authentication, so it seems there is not a only way to get it because > >> each > >> Library / Institution has its own requirements / developments. > >> If you has a successful / useful experience on this topic, may you > share > >> how > >> you do it, please? Obviously, changing some real names / IP's > >> Sometimes, examples are the better way to support people looking for > >> solutions... > > > > For start, I would suggest to first try 3.2.10 or current git version > > because > > there are few LDAP fixes which just got merged into repository and > > relesed. > > > > For a start, until bug 4994[1] gets merged, keep values inside > > is="ldap-field" lower case only. > > > > We are using following configuration: > > > > <useldapserver>1</useldapserver><!-- see C4::Auth_with_ldap for extra > > configs you must add if you want to turn this on --> > > > > <ldapserver id="ldapserver" listenref="ldapserver"> > > <!-- > > <hostname>ldaps://ldap.ffzg.hr</hostname> > > --> > > <hostname>ldap://localhost:1389</hostname> > > <base>dc=ffzg,dc=hr</base> > > > > <replicate>1</replicate> <!-- add new users from LDAP to Koha database > > --> > > <update>0</update> <!-- update existing users in Koha database --> > > > > <auth_by_bind>1</auth_by_bind> > > <principal_name>%s</principal_name> <!-- optional, for auth_by_bind: > > a printf format to make userPrincipalName from koha userid --> > > > > <mapping> <!-- match koha SQL field names to your LDAP > > record field names --> > > <firstname is="givenname" ></firstname> > > <surname is="sn" ></surname> > > <address is="ffzg-adresa_ulica" ></address> > > <city is="ffzg-adresa_grad" ></city> > > <!-- > > <zipcode is="ffzg-adresa_postanski_broj"></zipcode> > > ---> > > > > <branchcode is="local-branch" >FFZG</branchcode> > > <userid is="hrEduPersonUniqueID" ></userid> > > <password is="userpassword" ></password> > > <email is="mail" ></email> > > <categorycode is="hrEduPersongroupmember" >IMP</categorycode> > > > > <dateofbirth is="hredupersondateofbirth" ></dateofbirth> > > <sex is="ffzg-spol" ></sex> > > <phone is="ffzg-tel_fixed"></phone> > > <mobile is="ffzg-tel_mobile"></mobile> > > > > <dateexpiry is="hredupersonexpiredate">2012-12-23</dateexpiry> > > > > <JMBG is="hrEduPersonUniqueNumber_JMBG"></JMBG> > > <OIB is="hrEduPersonOIB"></OIB> > > > > </mapping> > > </ldapserver> > > > > This configuration works with changes in bug 4994, otherwise > > everything inside is="" > > would have to be lowercase only. > > > > We are using few of HrEdu* attributes which are specific to our national > > LDAP > > schema, and probably unusual combination of replication (to create users > > who > > logged in first time over web) without update (since we will edit > patron's > > data > > locally, and then our data will be more current that LDAP data, so we > > don't want > > to overwrite it). > > > > Hope this helps. > > > > 1: http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=4994 > > > > -- > > ...2share!2flame... http://blog.rot13.org > > _______________________________________________ > > Koha mailing list http://koha-community.org > > [email protected] <mailto:[email protected]> > > http://lists.katipo.co.nz/mailman/listinfo/koha > > > > > -- > > > > _______________________________________________ Koha mailing list http://koha-community.org [email protected] http://lists.katipo.co.nz/mailman/listinfo/koha
