Allowing only LDAP authentication for logins
Normally, if a user logs in to SirsiDynix e-Library and LDAP authentication is enabled, the system will search both the LDAP directory and the SirsiDynix Symphony user records for validating information.
In the LDAP directory, validating information usually takes the form of a username and password. In SirsiDynix Symphony, this information also includes the barcode and PIN from the user’s ID card. Therefore, under the default configuration, users without a valid LDAP username and password could still log in to e-Library using their ID card.
For example, a former student tries to log in to the university library. His or her username and password have been removed from the active student directory. However, the barcode and PIN on their student ID card are still stored in the user account on SirsiDynix Symphony. The system first checks for LDAP authentication, and when that fails, by default it checks for their barcode and PIN. If the barcode and PIN have not been removed from the Symphony database, the former student logs into the university library.
To allow only LDAP authentication for patron logins
| 1 | On the LDAP configuration page set the Allow only LDAP logins variable to Yes. |
| 2 | Save the configuration. |
Note: Any admin accounts or other shared-user accounts must be registered in the LDAP directory (e.g. you must create a student or staff ID for the shared account) or they will become unavailable when you turn this setting on.