[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Eugene Espinoza changed: What|Removed |Added CC||eugen...@yahoo.com --- Comment #28 from Eugene Espinoza --- Hi! Experiencing the same with Koha 19.11.08.000. settings in koha_conf.xml for ldap below: ldap://ipaddress dc=xxx,dc=xxx,dc=xxx x...@xxx.xxx.xxx password 1 1 1 0 cn=%s,ou=Students,dc=xxx,dc=xxx,dc=xxx BRANCHCODE Tried different combinations but still getting this error: LDAP search failed to return object : 04DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 I can shelldap to it: shelldap --server xx.xxx.x.xxx --basedn dc=xxx,dc=xxx,dc=xxx --binddn x...@xxx.xxx.xxx ~ > ls root@library:/home/xxx# shelldap --server xx.xxx.x.xxx --basedn dc=xxx,dc=xxx,dc=xxx --binddn x...@xxx.xxx.xxx ~ > ls CN=Builtin CN=Computers CN=ForeignSecurityPrincipals CN=Infrastructure CN=LostAndFound CN=Managed Service Accounts CN=NTDS Quotas CN=Program Data CN=System CN=TPM Devices CN=Test User CN=Users CN=made in. 253 OU=BoardMembers OU=Distribution Email Group OU=Domain Controllers OU=Faculty OU=Moodle3 OU=PWMUSERS OU=RDS OU=Staff OU=Students ~ > -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #27 from je...@medios.es --- Thanks Victor, 0 did the trick for me... I discovered that I also had problems with the user I was testing with: Despite being active and able to browse the directory with shelldap, it wouldn't be able to login successfully to koha. Deleting the user and creating it again cleared the error for me. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Victor Grousset/tuxayo changed: What|Removed |Added CC||victor.grous...@biblibre.co ||m --- Comment #26 from Victor Grousset/tuxayo --- Hi, we got the error at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 101 on two instances when updating from 17.11.06 to 17.11.09 And 0 worked (with a restart of memcached and starman/plack) Here is the rest of the config if that can help those for which anonymous_bind isn't enough. ldaps://SOME_IP_ADDR CN=FOOBAR,OU=FOOBAR,OU=FOOBAR,DC=FOOBAR,DC=FOOBAR FOOBAR ou=FOOBAR,ou=FOOBAR,dc=FOOBAR,dc=FOOBAR cn=%s, ou=FOOBAR,ou=FOOBAR,dc=FOOBAR,dc=FOOBAR 1 1 0 0 0 [...] -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #25 from je...@medios.es --- Still not working in 18.05.05-1 Martin, any idea on this? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #24 from je...@medios.es --- Yes, I'm still experiencing this issue. You can see my configuration above with 0 and I have restarted the server several times. This is my test server before upgrading the production one, so I am free to debug in whatever way you may further consider. User and password check ok with shelldap, but I still get auth rejected error when trying to access the OPAC: [Thu Oct 11 10:53:42.471369 2018] [cgi:error] [pid 1611] [client 192.168.222.176:50338] AH01215: [Thu Oct 11 10:53:42 2018] opac-user.pl: LDAP Auth rejected : search with filter '(cn=biblio)' returns no hit: /usr/share/koha/opac/cgi-bin/opac/opac-user.pl, referer: http://campus.koha.somedomain.es/ -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #23 from Nick Clemens --- (In reply to jesus from comment #22) > Yep, no problem with searching even for other users: > > ou=Profesores,~ > grep cn=Profesor > CN=Profesor,OU=Profesores,DC=aulas,DC=campus,DC=local > ou=Profesores,~ > > > I'm even more concerned about the impossibility of login for local koha > users or even cached credentials. Are you still experiencing issues? So far all cases we have seen have been remedied by adding 0 and restarting memcached and apache -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #22 from je...@medios.es --- Yep, no problem with searching even for other users: ou=Profesores,~ > grep cn=Profesor CN=Profesor,OU=Profesores,DC=aulas,DC=campus,DC=local ou=Profesores,~ > I'm even more concerned about the impossibility of login for local koha users or even cached credentials. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #21 from Martin Renvoize --- (In reply to Martin Renvoize from comment #20) > That doesn't feel right. I bet you're normal koha users don't have search > permissions (even to search for themselves) on the ldap directory (and nor > should they). Ignore the 'and nor should they' there.. it seems in LDAP to only way to get back the ldapentry for yourself is indeed to search for yourself, so it does make sense for a uesr to be able to bind and then search for themselves. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #20 from Martin Renvoize --- Hang on.. I just re-read the code again. So.. it will be binding on the 'user' (not the service user as defined in the config, but the user whose trying to login).. then as you've got 'update' and 'replicate' enabled that same just bound user will do an ldapsearch upon themselves. That doesn't feel right. I bet you're normal koha users don't have search permissions (even to search for themselves) on the ldap directory (and nor should they). -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #19 from Martin Renvoize --- Hi Jesus, I'm just trying to get to the bottom of this one.. could you verify a 'grep' (or 'search') works using your shelldap client using the biblio user for connection? That's is a bit closer to how Koha functions internally than the 'ls' command you included. The basic flow in your configuration after the patch is to bind as biblio then ldapsearch for user, and finally bind as the user that has been found. Before the patch, contrary to the documentation the initial service bind was not taking place, the search was not executed and instead a direct bind was attempted using the constructed ldapuser name of the user (constructed using the principal_name configuration). -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 je...@medios.es changed: What|Removed |Added CC||je...@medios.es --- Comment #18 from je...@medios.es --- I think something is broken here yet... I updated from 17.11.04-1 to 18.05.04-1 stock Debian packages. This update broke my functioning ldap configuration. What I see is that if ldap is enabled and using auth_by_bind, I am not able to login either using any local accounts or AD ones, and I get this error: LDAP search failed to return object : 04DC: LdapErr: DSID-0C09075A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1 at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 101. My version is: root@newkoha:~# apt-cache show koha-common Package: koha-common Source: koha Version: 18.05.04-1 Architecture: all My koha ldap config is: some.ip.address.here dc=aulas,dc=campus,dc=local biblio@aulas.campus.local some.password 1 1 1 0 %s@aulas.campus.local 2100-01-01 PT My ldap infrastructure works just fine: root@newkoha:~# shelldap --server some.ip.address.here --basedn DC=aulas,DC=campus,DC=local --binddn biblio@aulas.campus.local ~ > ls CN=Builtin CN=Computers CN=ForeignSecurityPrincipals CN=Infrastructure CN=Keys CN=LostAndFound CN=Managed Service Accounts CN=NTDS Quotas CN=Program Data CN=System CN=TPM Devices CN=Users CN=kms OU=Actualizador OU=Alumnos OU=Aula S1-02 OU=Aula S2-01 OU=Aula S2-02 OU=AulaS1-2_Mac OU=Aulas Teoria OU=Domain Controllers OU=GRUPOS_ALUMNOS OU=Impresoras OU=Mac OU=Ordenadores OU=Profesores ~ > -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Fridolin SOMERS changed: What|Removed |Added Status|Pushed to Stable|RESOLVED Resolution|--- |FIXED --- Comment #17 from Fridolin SOMERS --- Pushed to 17.05.x for 17.05.14 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Fridolin SOMERS changed: What|Removed |Added CC||fridolin.som...@biblibre.co ||m --- Comment #16 from Fridolin SOMERS --- Pushed to 17.11.x for 17.11.09 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Martin Renvoize changed: What|Removed |Added Text to go in the|This corrects an| release notes|| -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Martin Renvoize changed: What|Removed |Added Status|Pushed to Master|Pushed to Stable Text to go in the||This corrects an release notes|| --- Comment #15 from Martin Renvoize --- Pushed to 18.05.x for 18.05.03 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Nick Clemens changed: What|Removed |Added Status|Passed QA |Pushed to Master --- Comment #14 from Nick Clemens --- Awesome work all! Pushed to master for 18.11 -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Martin Renvoize changed: What|Removed |Added Status|Signed Off |Passed QA --- Comment #13 from Martin Renvoize --- Certainly, the code is solid and I'm more than happy for my SO to count as QA :) -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #12 from Katrin Fischer --- Thx, Brendan. Martin, are you ok with switching to PQA counting yours as QA? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Brendan Gallagher changed: What|Removed |Added Attachment #76879|0 |1 is obsolete|| --- Comment #11 from Brendan Gallagher --- Created attachment 78001 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=78001&action=edit Bug 18947 - LDAP: do not assume anonymous bind if no user or password To test: Ideally tested on a working ldap server with bind by auth and no anonymous bind 1 - Define an LDAP config with bind by auth 2 - Don't define user/pass 3 - Define anonymous_bind = 0 4 - Attempt bind by auth 5 - Error is something like: LDAP search failed to return object : X: LdapErr: -XX, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 102. 6 - Define user/pass 7 - Now bind by auth should work 8 - remove user/pass 9 - Apply patch 10 - Attempt again 11 - Bind by auth shoudl succeed prove -v t/db_dependent/Auth_with_ldap.t Signed-off-by: Martin Renvoize Signed-off-by: Brendan A Gallagher -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Jonathan Druart changed: What|Removed |Added CC||alex.arn...@biblibre.com --- Comment #10 from Jonathan Druart --- Alex, could you have a look at this one and QA it? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Jonathan Druart changed: What|Removed |Added Version|17.05 |master -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Jonathan Druart changed: What|Removed |Added CC||jonathan.dru...@bugs.koha-c ||ommunity.org Depends on||6979 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6979 [Bug 6979] LDAP authentication fails during password comparison -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #9 from Liz Rea --- I don't have a non-production LDAP to test against :( -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #8 from Katrin Fischer --- Is this also valid for master? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Katrin Fischer changed: What|Removed |Added CC||katrin.fisc...@bsz-bw.de --- Comment #7 from Katrin Fischer --- Hi Liz, could you sign off so we can count Martin for QA? -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #6 from Liz Rea --- I just had to add the extra configs because of this last night lol. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Martin Renvoize changed: What|Removed |Added CC||martin.renvoize@ptfs-europe ||.com Status|Needs Signoff |Signed Off --- Comment #5 from Martin Renvoize --- Can't believe I hadn't come across this until now! Signing Off. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Martin Renvoize changed: What|Removed |Added Attachment #69777|0 |1 is obsolete|| --- Comment #4 from Martin Renvoize --- Created attachment 76879 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=76879&action=edit Bug 18947 - LDAP: do not assume anonymous bind if no user or password To test: Ideally tested on a working ldap server with bind by auth and no anonymous bind 1 - Define an LDAP config with bind by auth 2 - Don't define user/pass 3 - Define anonymous_bind = 0 4 - Attempt bind by auth 5 - Error is something like: LDAP search failed to return object : X: LdapErr: -XX, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 102. 6 - Define user/pass 7 - Now bind by auth should work 8 - remove user/pass 9 - Apply patch 10 - Attempt again 11 - Bind by auth shoudl succeed prove -v t/db_dependent/Auth_with_ldap.t Signed-off-by: Martin Renvoize -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Bob Birchall changed: What|Removed |Added CC||b...@calyx.net.au -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Nick Clemens changed: What|Removed |Added Status|NEW |Needs Signoff -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 --- Comment #3 from Nick Clemens --- Created attachment 69777 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=69777&action=edit Bug 18947 - LDAP: do not assume anonymous bind if no user or password To test: Ideally tested on a working ldap server with bind by auth and no anonymous bind 1 - Define an LDAP config with bind by auth 2 - Don't define user/pass 3 - Define anonymous_bind = 0 4 - Attempt bind by auth 5 - Error is something like: LDAP search failed to return object : X: LdapErr: -XX, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 at /usr/share/koha/lib/C4/Auth_with_ldap.pm line 102. 6 - Define user/pass 7 - Now bind by auth should work 8 - remove user/pass 9 - Apply patch 10 - Attempt again 11 - Bind by auth shoudl succeed prove -v t/db_dependent/Auth_with_ldap.t -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Liz Rea changed: What|Removed |Added CC||l...@catalyst.net.nz --- Comment #2 from Liz Rea --- Thanks for writing this down Nick, just had this problem and couldn't even get in with the DB admin. -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Nick Clemens changed: What|Removed |Added Assignee|koha-b...@lists.koha-commun |n...@bywatersolutions.com |ity.org | --- Comment #1 from Nick Clemens --- This broke LDAP configuration after upgrade to 17.05, will tyr to provide a patch shortly -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Nick Clemens changed: What|Removed |Added CC||n...@bywatersolutions.com Severity|normal |major -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Mason James changed: What|Removed |Added CC||m...@kohaaloha.com See Also||https://bugs.koha-community ||.org/bugzilla3/show_bug.cgi ||?id=6979 -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 18947] Unexpected Active Directory LDAP authentication failure mode
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18947 Sven Coenye changed: What|Removed |Added Summary|Active Directory LDAP |Unexpected Active Directory |authentication broken |LDAP authentication failure ||mode -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/