https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294327#M247457 <HTML><HEAD></HEAD><BODY><SPAN>I have installed Alfresco5.0.a community edition.After configuring the ldap (slapd on linux) the synchronisation is working fine. Users and Groups are getting synchronised but the user authentication/login is not working. Please guide me. </SPAN><BR /><BR /><BR /><BR /><SPAN>###### begin : ldap-authentication.properties ####################</SPAN><BR /><BR /><BR /><SPAN>ldap.authentication.active=true</SPAN><BR /><BR /><SPAN>ldap.authentication.userNameFormat=uid=%s</SPAN><BR /><BR /><SPAN>ldap.authentication.java.naming.provider.url=ldap://idrms.ipr.res.in:389</SPAN><BR /><BR /><SPAN>ldap.authentication.java.naming.security.authentication=simple</SPAN><BR /><BR /><SPAN>###### end ##############################</SPAN><BR /><BR /><BR /><SPAN>I found that in Alfresco 5.0.a edition the ldap folder ( $TOMCAT_HOME/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap) is missing. I am not able to find the context files (common-ldap-context.xml,ldap-authentication-context.xml) are missing.</SPAN><BR /><BR /><SPAN>Please guide me and provide sample context files if they are mandatory.</SPAN><BR /><BR /><SPAN>Thanks,</SPAN><BR /><SPAN> </SPAN><BR /><BR /><BR /></BODY></HTML> Thu, 14 Aug 2014 06:29:19 GMT vkpatel 2014-08-14T06:29:19Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294327#M247457 I have installed Alfresco5.0.a community edition.After configuring the ldap (slapd on linux) the synchronisation is working fine. Users and Groups are getting synchronised but the user authentication/login is not working. Please guide me. ###### begin : ldap-authentication.properties ############### Thu, 14 Aug 2014 06:29:19 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294327#M247457 vkpatel 2014-08-14T06:29:19Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294328#M247458 <HTML><HEAD></HEAD><BODY><SPAN>You should check your tomcat logs to see the ldap errors for more info. </SPAN><BR /><BR /><SPAN>My ldap opendj requires authentication no anonymous allowed. So i noticed that in order for ldap authentication to work I had to have this field (ldap.synchronization.java.naming.security.principal) in my alfresco-global.properties file. I dont have sync turned on. Otherwise it can't authenticate?</SPAN><BR /><BR /><SPAN>ldap.synchronization.active=false</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.authentication=simple</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.principal=cn\=connect,ou=\People,dc\=derpderp,dc\=com</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.credentials=password1234</SPAN><BR /><SPAN>ldap.synchronization.queryBatchSize=0</SPAN><BR /><SPAN>ldap.synchronization.attributeBatchSize=0</SPAN><BR /><SPAN>ldap.synchronization.groupQuery=(objectclass\=groupOfNames)</SPAN><BR /><SPAN>ldap.synchronization.groupDifferentialQuery=(&amp;(objectclass\=groupOfNames)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><SPAN>ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)</SPAN><BR /><SPAN>ldap.synchronization.personDifferentialQuery=(&amp;(objectclass\=inetOrgPerson)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><SPAN>ldap.synchronization.groupSearchBase=ou\=Groups,dc\=derpderp,dc\=com</SPAN><BR /><SPAN>ldap.synchronization.userSearchBase=ou\=People,dc\=derpderp,dc\=com</SPAN><BR /><SPAN>ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp</SPAN><BR /><SPAN>ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'</SPAN><BR /><SPAN>ldap.synchronization.userIdAttributeName=cn</SPAN><BR /><SPAN>ldap.synchronization.userFirstNameAttributeName=givenName</SPAN><BR /><SPAN>ldap.synchronization.userLastNameAttributeName=sn</SPAN><BR /><SPAN>ldap.synchronization.userEmailAttributeName=mail</SPAN><BR /><SPAN>ldap.synchronization.userOrganizationalIdAttributeName=o</SPAN><BR /><SPAN>ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider</SPAN><BR /><SPAN>ldap.synchronization.groupIdAttributeName=cn</SPAN><BR /><SPAN>ldap.synchronization.groupDisplayNameAttributeName=description</SPAN><BR /><SPAN>ldap.synchronization.groupType=groupOfNames</SPAN><BR /><SPAN>ldap.synchronization.personType=inetOrgPerson</SPAN><BR /><SPAN>ldap.synchronization.groupMemberAttributeName=member</SPAN><BR /><SPAN>ldap.synchronization.enableProgressEstimation=true</SPAN><BR /><SPAN>ldap.authentication.java.naming.read.timeout=0</SPAN><BR /><BR /></BODY></HTML> Fri, 15 Aug 2014 13:26:56 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294328#M247458 rudischmitz 2014-08-15T13:26:56Z https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294329#M247459 <HTML><HEAD></HEAD><BODY><SPAN>Please, also check (most importantly) the access.log file on the ldap server! This tells you in real time if the login was successful.</SPAN><BR /><SPAN>IMHO your ldap configuration is incomplete and the users maybe require the full dn in the openldap implementation.</SPAN><BR /><SPAN>I wrote some notes (after hours of troubleshooting) here </SPAN><A href="https://wiki.mc128k.info/index.php/Alfresco#Integration" rel="nofollow noopener noreferrer">https://wiki.mc128k.info/index.php/Alfresco#Integration</A><BR /><BR /><SPAN>MODERATORS: If it's a problem to post the link, please tell me.</SPAN></BODY></HTML> Tue, 19 Aug 2014 08:46:41 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-authentication-not-working-but-the-sync-is-working/m-p/294329#M247459 mc128k 2014-08-19T08:46:41Z