https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274149#M227279 <HTML><HEAD></HEAD><BODY><SPAN>Running:</SPAN><BR /><SPAN>Alfresco 3.4.d</SPAN><BR /><SPAN>Windows Server 2003</SPAN><BR /><BR /><SPAN>Hello all,</SPAN><BR /><BR /><SPAN>&nbsp;&nbsp; I am new to Alfresco and LDAP AD and I am trying to get Alfresco 3.4.d Community edition to authenticate to my AD server.&nbsp; I have read the wiki </SPAN><A href="http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems" rel="nofollow noopener noreferrer">http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems</A><SPAN> and I cannot get Alfresco to authenticate to my AD.&nbsp; Is there a log that I can look at for some clues?&nbsp; How does one know if thier site uses UPN or DN authentication?&nbsp; I have tried both of these with no luck..I am sure that it is just something that I am misconfiguring on my end, but I would like to at least to look at some logs to get a clue.&nbsp; </SPAN><BR /><BR /><SPAN>For starters, I have gone into the subsystem </SPAN><PRE class="language-none line-numbers"><CODE>D:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><SPAN> and edited the copy of 'ldap-ad-authentication.properties' to match setting for my site and yes authentication is enabled here </SPAN><PRE class="language-none line-numbers"><CODE>ldap.authentication.active=true<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><SPAN>&nbsp;&nbsp; Is there any other place to enable ldap authentication?&nbsp; After I make a change to the ldap-ad-autehntication.properties file I always restart tomcat.&nbsp; Is that right thing to do or do not have to do this?&nbsp; </SPAN><BR /><BR /><SPAN>Also, if someone could lead me to any type of logging so that I am able to see what errors I am getting or if it even thinks that authentication is turned on I would really appreciate it!</SPAN><BR /><BR /><SPAN>I did find one log in tomcat\logs named:&nbsp; stdout_20110316.log and this could be the log that I need…in it I found:&nbsp; </SPAN><PRE class="language-none line-numbers"><CODE>20:12:22,374&nbsp; INFO&nbsp; [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><SPAN>&nbsp; does this mean that it is not even trying to use ldap-ad authentication?</SPAN><BR /><BR /><SPAN>thanks again</SPAN><BR /><BR /><SPAN>Jamie</SPAN></BODY></HTML> Thu, 17 Mar 2011 20:56:45 GMT docjay 2011-03-17T20:56:45Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274149#M227279 Running:Alfresco 3.4.dWindows Server 2003Hello all,&nbsp;&nbsp; I am new to Alfresco and LDAP AD and I am trying to get Alfresco 3.4.d Community edition to authenticate to my AD server.&nbsp; I have read the wiki http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems and I cannot get Alfresco to authenti Thu, 17 Mar 2011 20:56:45 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274149#M227279 docjay 2011-03-17T20:56:45Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274150#M227280 <HTML><HEAD></HEAD><BODY><SPAN>Don't ever hack files below WEB-INF.&nbsp;&nbsp; </SPAN><BR /><BR /><SPAN>Your config goes into alfresco-global.properties or the shared folder.</SPAN></BODY></HTML> Thu, 17 Mar 2011 22:47:49 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274150#M227280 mrogers 2011-03-17T22:47:49Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274151#M227281 <HTML><HEAD></HEAD><BODY><SPAN>thanks - I should have read the wiki more closely and noticed only to modify the alfresco-global.properties file…</SPAN><BR /><BR /><SPAN>so I think I might have ldap-ap setup right, but I still can't authenticate:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>#————-<BR />authentication.chain=ldap1:ldap-ad<BR />ldap.authentication.active=true<BR />ldap.authentication.java.naming.security.authentication=DIGEST-MD5<BR />ldap.authentication.userNameformat=%s@mydomain.com<BR />ldap.authentication.java.naming.provider.url=ldap://server.mydomain.com:389<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>and in the log I found this:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>10:01:24,405&nbsp; INFO&nbsp; [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap1] complete<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>When I go to login I still get an error message:&nbsp; 'the remote server may be unabailable or your authentication details have not been recognized'</SPAN><BR /><BR /><SPAN><SPAN>I am logging in with just my sAMAccountName as our UPN is </SPAN><A class="jive-link-email-small" href="mailto:sAMAccountName@mydomain.com" rel="nofollow noopener noreferrer">sAMAccountName@mydomain.com</A></SPAN><BR /><BR /><SPAN>any ideas?</SPAN><BR /><BR /><SPAN>thank you for all of your help with this!</SPAN></BODY></HTML> Fri, 18 Mar 2011 15:25:57 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274151#M227281 docjay 2011-03-18T15:25:57Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274152#M227282 <HTML><HEAD></HEAD><BODY><SPAN>does anyone have any ideas that I can try?</SPAN><BR /><BR /><SPAN>thanks</SPAN></BODY></HTML> Tue, 22 Mar 2011 13:15:55 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274152#M227282 docjay 2011-03-22T13:15:55Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274153#M227283 <HTML><HEAD></HEAD><BODY><SPAN>HI,</SPAN><BR /><SPAN>add the default user name &amp; password</SPAN><BR /><BR /><SPAN>ldap.authentication.defaultAdministratorUserNames=admin</SPAN><BR /><SPAN>ldap.synchronization.active=true</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.principal=admin</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.credentials=&lt;password&gt;</SPAN><BR /><BR /><SPAN>try it…</SPAN></BODY></HTML> Wed, 23 Mar 2011 09:42:01 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-3-4-d-with-ad/m-p/274153#M227283 muralie39 2011-03-23T09:42:01Z