https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237618#M190748 <HTML><HEAD></HEAD><BODY><SPAN>Hi all,</SPAN><BR /><BR /><SPAN>I'm new here. I'm having certain issues with in alfresco - OpenLDAP integration&nbsp; .</SPAN><BR /><BR /><SPAN>&gt;&gt; As soon as a full sync is run the groups that are previously synced from OpenLDAP server is getting deleted in alfresco. </SPAN><BR /><SPAN>&gt;&gt; All members of LDAP group are not imported to corresponding group in alfresco </SPAN><BR /><SPAN>&gt;&gt; Users that are getting created on alfresco have two entries with two different home dir's</SPAN><BR /><BR /><SPAN>/Company Home/User Homes/&lt;username&gt;</SPAN><BR /><SPAN>/Company Home/User Homes/&lt;cn&gt;</SPAN><BR /><BR /><SPAN>My configuration is as below,</SPAN><BR /><BR /><SPAN>1)&nbsp; alfresco-global.properties to have the following:</SPAN><BR /><BR /><SPAN>authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap</SPAN><BR /><BR /><SPAN>2) I have created the folders structure as below</SPAN><BR /><BR /><SPAN>shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1</SPAN><BR /><BR /><SPAN>3) the configuration is as below:&nbsp; ldap-authentication.properties</SPAN><BR /><BR /><SPAN>ldap.authentication.active=true</SPAN><BR /><SPAN>ldap.authentication.allowGuestLogin=false</SPAN><BR /><SPAN>ldap.authentication.userNameFormat=cn=%s,ou=Testdir,o=Directory</SPAN><BR /><SPAN>ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory</SPAN><BR /><SPAN>ldap.authentication.java.naming.provider.url=ldap://192.168.1.1:389</SPAN><BR /><SPAN>ldap.authentication.java.naming.security.authentication=simple</SPAN><BR /><SPAN>ldap.authentication.java.naming.security.principal=cn=Admin,o=Directory</SPAN><BR /><SPAN>ldap.authentication.java.naming.security.credentials=secret</SPAN><BR /><SPAN>ldap.authentication.escapeCommasInBind=false</SPAN><BR /><SPAN>ldap.authentication.escapeCommasInUid=false</SPAN><BR /><SPAN>ldap.authentication.defaultAdministratorUserNames=admin</SPAN><BR /><SPAN>ldap.synchronization.active=true</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.authentication=simple</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.principal=cn=Admin,o=Directory</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.credentials=secret</SPAN><BR /><SPAN>ldap.synchronization.queryBatchSize=1000</SPAN><BR /><SPAN>dap.synchronization.groupQuery=(objectclass\=posixGroup)</SPAN><BR /><SPAN>ldap.synchronization.groupDifferentialQuery=(&amp;(objectclass\=posixGroup)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><SPAN>ldap.synchronization.personQuery=(objectclass\=posixAccount)</SPAN><BR /><SPAN>ldap.synchronization.personDifferentialQuery=(&amp;(objectclass\=posixAccount)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><SPAN>ldap.synchronization.groupSearchBase=ou=Testdir,o=Directory</SPAN><BR /><SPAN>ldap.synchronization.userSearchBase=ou=Testdir,o=Directory</SPAN><BR /><SPAN>ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp</SPAN><BR /><SPAN>ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'</SPAN><BR /><SPAN>ldap.synchronization.userIdAttributeName=uid</SPAN><BR /><SPAN>ldap.synchronization.userFirstNameAttributeName=givenName</SPAN><BR /><SPAN>ldap.synchronization.userLastNameAttributeName=sn</SPAN><BR /><SPAN>ldap.synchronization.userEmailAttributeName=mail</SPAN><BR /><SPAN>ldap.synchronization.userOrganizationalIdAttributeName=o</SPAN><BR /><SPAN>ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider</SPAN><BR /><SPAN>ldap.synchronization.groupIdAttributeName=cn</SPAN><BR /><SPAN>ldap.synchronization.groupType=posixGroup</SPAN><BR /><SPAN>ldap.synchronization.personType=posixAccount</SPAN><BR /><SPAN>ldap.synchronization.groupMemberAttributeName=memberUid</SPAN><BR /><SPAN>ldap.synchronization.enableProgressEstimation=true</SPAN><BR /><SPAN>synchronization.synchronizeChangesOnly=false</SPAN><BR /><SPAN>synchronization.syncOnStartup=true</SPAN><BR /><SPAN>synchronization.syncWhenMissingPeopleLogIn=true</SPAN><BR /><SPAN>synchronization.import.cron=0 0 * * * ? </SPAN><BR /><BR /><SPAN>Hoping somebody out there will help me on this, i've burned myself out&nbsp; <img id="smileysad" class="emoticon emoticon-smileysad" src="https://connect.hyland.com/i/smilies/16x16_smiley-sad.png" alt="Smiley Sad" title="Smiley Sad" /> </SPAN><BR /><BR /><SPAN>Thanks for the help</SPAN><BR /><SPAN>Uptime</SPAN></BODY></HTML> Sat, 07 Aug 2010 13:05:33 GMT uptime365 2010-08-07T13:05:33Z https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237618#M190748 Hi all,I'm new here. I'm having certain issues with in alfresco - OpenLDAP integration&nbsp; .&gt;&gt; As soon as a full sync is run the groups that are previously synced from OpenLDAP server is getting deleted in alfresco. &gt;&gt; All members of LDAP group are not imported to corresponding group in alf Sat, 07 Aug 2010 13:05:33 GMT https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237618#M190748 uptime365 2010-08-07T13:05:33Z https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237619#M190749 <HTML><HEAD></HEAD><BODY><SPAN>Logs :: groups getting deleted</SPAN><BR /><BR /><SPAN>=========</SPAN><BR /><SPAN>18:00:00,065 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Commencing batch of 0 entries</SPAN><BR /><SPAN>18:00:00,065 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Completed batch of 0 entries</SPAN><BR /><SPAN>18:00:00,097 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving users changed since Aug 7, 2010 4:48:47 PM from user registry 'ldap1'</SPAN><BR /><SPAN>18:00:00,118 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Commencing batch of 0 entries</SPAN><BR /><SPAN>18:00:00,124 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Completed batch of 0 entries</SPAN><BR /><SPAN>18:00:00,138 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Authority Deletion: Commencing batch of 1 entries</SPAN><BR /><SPAN>18:00:00,253 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Authority Deletion: Processed 1 entries out of 1. 100% complete. Rate: 8 per second. 0 failures detected.</SPAN><BR /><SPAN>18:00:00,253 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Authority Deletion: Completed batch of 1 entries</SPAN><BR /><SPAN>18:00:00,253 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap1'</SPAN><BR /><SPAN>18:00:00,253 INFO&nbsp; [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] 0 user(s) and 1 group(s) processed</SPAN><BR /><SPAN>=========</SPAN><BR /><BR /><SPAN>The deleted group is still there in LDAP, and 'm not getting the slightest idea why it is getting deleted from alfresco.</SPAN><BR /><BR /><BR /><SPAN>Uptime</SPAN></BODY></HTML> Sat, 07 Aug 2010 13:13:47 GMT https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237619#M190749 uptime365 2010-08-07T13:13:47Z https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237620#M190750 <HTML><HEAD></HEAD><BODY><SPAN>Hi,</SPAN><BR /><BR /><SPAN>Still with it .. can someone help me out please…</SPAN><BR /><BR /><SPAN>Thanks,</SPAN><BR /><SPAN>Uptime</SPAN></BODY></HTML> Mon, 09 Aug 2010 08:03:50 GMT https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237620#M190750 uptime365 2010-08-09T08:03:50Z https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237621#M190751 <HTML><HEAD></HEAD><BODY><SPAN>Please set</SPAN><BR /><BR /><SPAN>log4j.logger.org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer=debug</SPAN><BR /><BR /><SPAN>in log4j.properties and provide the output in alfresco.log.</SPAN><BR /><BR /><SPAN>Please also provide LDIF dumps of a problematic user account and a problematic group.</SPAN></BODY></HTML> Tue, 10 Aug 2010 18:57:11 GMT https://connect.hyland.com/t5/alfresco-archive/group-synchronization-issues/m-p/237621#M190751 dward 2010-08-10T18:57:11Z