https://connect.hyland.com/t5/alfresco-archive/configure-ldap-only-membersof-a-group-ad/m-p/226878#M180008 <HTML><HEAD></HEAD><BODY><SPAN>Hello,</SPAN><BR /><BR /><SPAN>First sorry for my english…I'm french..</SPAN><BR /><SPAN>I'm trying Alfresco (ubuntu package) in ubuntu server 9.10.</SPAN><BR /><BR /><SPAN>I have some questions ….:</SPAN><BR /><BR /><SPAN>1.My configuation of LDAP authentication works but but I'd like to only allow users members of my Active Directory group (GR_ALFRESCO).</SPAN><BR /><SPAN>What line i have modify in the "ldap-ad-authentication.properties" If someone can explain the process …</SPAN><BR /><BR /><SPAN>I try to recover goups and users who are members of the group GR_ALFRESCO.</SPAN><BR /><SPAN>The group is in the UO:</SPAN><BR /><SPAN>mondomaine.com</SPAN><BR /><SPAN>- site1 (UO)</SPAN><BR /><SPAN>—- Groups (UO)</SPAN><BR /><SPAN>——– ALFRESCO (Group)</SPAN><BR /><BR /><SPAN>I changed the file ldap-ad-authentication.properties as follows:</SPAN><BR /><BR /><SPAN># The query to select all objects that represent the groups to import.</SPAN><BR /><SPAN>ldap.synchronization.groupQuery=(&amp;(objectclass\=group)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com))</SPAN><BR /><BR /><SPAN># The query to select objects that represent the groups to import that have changed since a certain time.</SPAN><BR /><SPAN>ldap.synchronization.groupDifferentialQuery=(&amp;(objectclass\=group)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><BR /><SPAN># The query to select all objects that represent the users to import.</SPAN><BR /><SPAN>ldap.synchronization.personQuery=(&amp;(objectclass\=user)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))</SPAN><BR /><BR /><SPAN># The query to select objects that represent the users to import that have changed since a certain time.</SPAN><BR /><SPAN>ldap.synchronization.personDifferentialQuery=(&amp;(objectclass\=user)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><BR /><SPAN># The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.</SPAN><BR /><SPAN>ldap.synchronization.groupSearchBase=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com</SPAN><BR /><BR /><SPAN># The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.</SPAN><BR /><SPAN>ldap.synchronization.userSearchBase=memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com</SPAN><BR /><BR /><SPAN>I have this error : javax.naming.InvalidNameException: memberOf=cn=ALFRESCO,ou=Groups,ou=site1,dc=mondomaine,dc=com [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME).</SPAN><BR /><BR /><SPAN>an idea ?</SPAN><BR /><SPAN>Thanks for help.</SPAN></BODY></HTML> Mon, 11 Jan 2010 14:58:31 GMT sergio1024 2010-01-11T14:58:31Z https://connect.hyland.com/t5/alfresco-archive/configure-ldap-only-membersof-a-group-ad/m-p/226878#M180008 Hello,First sorry for my english…I'm french..I'm trying Alfresco (ubuntu package) in ubuntu server 9.10.I have some questions ….:1.My configuation of LDAP authentication works but but I'd like to only allow users members of my Active Directory group (GR_ALFRESCO).What line i have modify in the "ldap Mon, 11 Jan 2010 14:58:31 GMT https://connect.hyland.com/t5/alfresco-archive/configure-ldap-only-membersof-a-group-ad/m-p/226878#M180008 sergio1024 2010-01-11T14:58:31Z https://connect.hyland.com/t5/alfresco-archive/configure-ldap-only-membersof-a-group-ad/m-p/226879#M180009 <HTML><HEAD></HEAD><BODY><SPAN>You should use the memberof in the personQuery and personDifferentialQuery. See </SPAN><A href="http://forums.alfresco.com/en/viewtopic.php?f=9&amp;t=22151&amp;p=72902#p72902" rel="nofollow noopener noreferrer">http://forums.alfresco.com/en/viewtopic.php?f=9&amp;t=22151&amp;p=72902#p72902</A></BODY></HTML> Tue, 12 Jan 2010 12:29:03 GMT https://connect.hyland.com/t5/alfresco-archive/configure-ldap-only-membersof-a-group-ad/m-p/226879#M180009 dward 2010-01-12T12:29:03Z