topic Please help with connecting Activiti and Active Directory in Alfresco Archive

Please help with connecting Activiti and Active Directory

bizilux — Fri, 05 Feb 2016 08:40:38 GMT

Hello all, long story short, im doing this pilot/test project for a company, and also writing Bachelor's degree on topic "Use of Alfresco Activiti for process reeingineering" at the same time. Problem is, I am catastrophically stuck at this AD problem for the past 1 month.Alfresco is on version 5.0.

Re: Please help with connecting Activiti and Active Directory

jbarrez — Fri, 05 Feb 2016 14:38:15 GMT

Moved to Enterprise forum.

We've got many customers running AD with Activiti, so I'm sure there is a way to get it working.

I see ldap.authentication.active-directory.enabled=true. I've heard many people have success by NOT using that, and accessing AD as a regular Ldap server (so just use the traditional ldap queries etc).

Re: Please help with connecting Activiti and Active Directory

bizilux — Tue, 09 Feb 2016 10:08:04 GMT

Hello, yes I did find that already, and I tried it a month ago, but no luck.

I've also found this bug report which is basically describing exact problem that we have…
https://issues.alfresco.com/jira/browse/ACTIVITI-225

this is the interesting bit:
<code>
If Users were anywhere created elsewhere in the domain besides the "CN=Users" it would never authenticate. This can be problematic as enterprise AD will not always have all the users created under "CN=Users, DC=…,DC=…" they may exists else where in the domain.</code>

Our AD structure is different, it was modified, so we dont have all users under this default AD structure.

Could you please ask one of your guys to take a look at this bug? I am almost certain this is the problem. Afterall, AD is working on Alfresco. And on Activiti it wont even import users.

Re: Please help with connecting Activiti and Active Directory

jbarrez — Thu, 11 Feb 2016 08:51:30 GMT

This issue is specifically about the AD specific properties. In the same issues it also states:

"I could never figure out how to get any of these properties to work, instead I stripped it down to basics and removed all activite-directory properties and it works. It was never the synchronization that was of issue but authentication did not work otherwise."

I checked with the person who created the issue and she confirmed me it was working once she changed the configuration to be a 'regular ldap' instead of an AD one (so simply talking to AD as if it were an LDAP server).

Re: Please help with connecting Activiti and Active Directory

bizilux — Thu, 11 Feb 2016 09:10:21 GMT

thanks for replying… I was even thinking right now of installing another AD that would be in test environment and not in production, so that i could figure this out

So if I understand you correctly, you are saying that in documentation, I should just look at "LDAP Example" and not at "Active Directory Example" right? I should just use settings for LDAP examples?

Could you tell me who was the person who created the issue? I would like to contact him/her for a few more follow up questions… is it Jennie Soria or is she just managing this issue, since she is an employee?

Re: Please help with connecting Activiti and Active Directory

jbarrez — Thu, 11 Feb 2016 09:58:39 GMT

Indeed, acting like AD is a regular LDAP solved the issue (and I've heard the same before).
Jennie is indeed an Alfresco employee and she created this issue.