> On Jun 25, 2019, at 8:28 AM, Daniele Piccoli <[email protected]>
> wrote:
>
> On 24/06/19 21:30, Hector Gonzalez wrote:
>> Hi Daniele
>
> Hi
>
>>> On Jun 24, 2019, at 4:22 AM, Daniele Piccoli <[email protected]>
>>> wrote:
>>>
>>> Software error:
>>> Error reading file /etc/koha/sites/biblioname/koha-conf.xml.
>>> Try running this again as the koha instance user (or use the koha-shell
>>> command in debian)
>>
>>
>> Is the file readable by koha? Permissions should be 640, with user root and
>> biblioname-koha as the group (if that is the group that owns koha).
>
> The file is readable by Koha and in fact it has the correct permission
> as you said.
Ok, then try making these changes:
<ldapserver id="ldapserver" listenref="ldapserver">
<hostname>ldaps://*IP-OF-DC*</hostname>
<base>ou=Users,dc=*sub*,dc=*domain*,dc=*tld*</base>
<replicate>1</replicate>
<update>1</update>
<auth_by_bind>1</auth_by_bind>
<anonymous_bind>0</anonymous_bind>
<principal_name>uid=%s@*sub*.*domain*.*tld*</principal_name>
<mapping> <!-- record field names -->
<userid is="uid"></userid>
<password is="userpassword"></password>
<email is="mail"></email>
<branchcode is="">YOURLIBRARYCODEinKoha</branchcode>
<categorycode is="">STUDENT</categorycode>
</mapping>
</ldapserver>
1. Change the hostname to the actual hostname of the LDAP server. If it is
using ldaps, it might want to check the certificate, and that is based on the
name.
2. Remove the <user> and <pass> tags, as you are using auth_by_bind. (I don't
know if they are needed for <update>, so you might want to leave that there.)
3. Add a line that says: <anonymous_bind>0</anonymous_bind> which is needed
with AD logins when you are using auth_by_bind (sounds weird, but it works
that way).
4. Change principal_name; the format is
<principal_name>%s@*your.domain.name*</principal_name> which is needed with AD
too. It looks like an email address.
5. Add a mapping for "categorycode" with the text of the main user category
(staff, students, faculty...). It IS required for login, and is assigned to the
user automatically.
6. Add the branchcode for the library.
Also, I would change the userid mapping to <userid
is="sAMAccountName"></userid> which is a unique name for every user with AD.
If it still gives you trouble, check the tags above and below your ldap
configuration, and be sure those were not affected by editing the file.
>>
>
> Daniele
> _______________________________________________
> Koha mailing list http://koha-community.org
> [email protected]
> https://lists.katipo.co.nz/mailman/listinfo/koha
--
Héctor González
[email protected]
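
An added example, not part of the original message and not Koha's own code: a small Python check of an <ldapserver> block against the points in the reply above (well-formed XML, a name rather than an IP with ldaps, anonymous_bind 0 with auth_by_bind, the %s@domain principal_name, and the categorycode and branchcode mappings). The function name, the sample values and the IP-literal test are assumptions made for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

def check_ldap_block(xml_text):
    """Return findings for the <ldapserver> block, following the checklist in the reply above."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A tag damaged while editing makes the whole file unreadable.
        return [f"not well-formed XML: {exc}"]
    ldap = root if root.tag == "ldapserver" else root.find(".//ldapserver")
    if ldap is None:
        return ["no <ldapserver> element found"]
    text = lambda tag: (ldap.findtext(tag) or "").strip()
    findings = []
    host = text("hostname")
    if host.startswith("ldaps://"):
        try:  # step 1: certificate checks are based on the name
            ipaddress.ip_address(host[len("ldaps://"):].split(":")[0])
            findings.append("hostname: ldaps:// with an IP address, use the server's name")
        except ValueError:
            pass  # not an IP literal, so it is a name
    if text("auth_by_bind") == "1":
        if text("anonymous_bind") != "0":  # step 3
            findings.append("anonymous_bind: must be present and 0 with auth_by_bind")
        if not text("principal_name").startswith("%s@"):  # step 4
            findings.append("principal_name: expected %s@your.domain.name")
    for field in ("categorycode", "branchcode"):  # steps 5 and 6
        node = ldap.find(f"mapping/{field}")
        if node is None or not (node.text or "").strip():
            findings.append(f"mapping/{field}: missing or empty")
    return findings

# Constructed sample input (not from the thread); names and addresses are placeholders.
GOOD = """<ldapserver id="ldapserver">
  <hostname>ldaps://dc1.lib.example.org</hostname>
  <auth_by_bind>1</auth_by_bind>
  <anonymous_bind>0</anonymous_bind>
  <principal_name>%s@lib.example.org</principal_name>
  <mapping>
    <userid is="sAMAccountName"></userid>
    <branchcode is="">MAIN</branchcode>
    <categorycode is="">STUDENT</categorycode>
  </mapping>
</ldapserver>"""
BAD = (GOOD.replace("dc1.lib.example.org", "192.0.2.10")
           .replace("<anonymous_bind>0</anonymous_bind>", "")
           .replace(">%s@", ">uid=%s@").replace(">STUDENT<", "><"))
BROKEN = GOOD.replace("</mapping>", "")  # simulates a tag lost while editing
```

Calling check_ldap_block on the text of a copy of koha-conf.xml works the same way, since the function searches for the <ldapserver> element anywhere under the root.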