https://connect.hyland.com/t5/alfresco-archive/sso/m-p/302822#M255952 <HTML><HEAD></HEAD><BODY><SPAN>Hi guys.</SPAN><BR /><SPAN>following this tutorial (</SPAN><A href="http://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html" rel="nofollow noopener noreferrer">http://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html</A><SPAN>) we are trying to enable SSO on alfresco community web page (share) to work.</SPAN><BR /><SPAN>SSO is not working.</SPAN><BR /><BR /><SPAN>We have put this lines:</SPAN><BR /><SPAN>authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad</SPAN><BR /><BR /><SPAN>ntlm.authentication.sso.enabled=false</SPAN><BR /><BR /><SPAN>ldap.authentication.allowGuestLogin=false</SPAN><BR /><SPAN><A class="jive-link-email-small" href="https://migration33.stage.lithium.com/" rel="nofollow noopener noreferrer">ldap.authentication.userNameFormat=%s@domain.com</A></SPAN><BR /><SPAN>ldap.authentication.java.naming.provider.url=ldap://domaincontroller.domain.com:389</SPAN><BR /><SPAN>ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco</SPAN><BR /><SPAN><A class="jive-link-email-small" href="mailto:ldap.synchronization.java.naming.security.principal=alfresco@domain.com" rel="nofollow noopener noreferrer">ldap.synchronization.java.naming.security.principal=alfresco@domain.com</A></SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.credentials=secret</SPAN><BR /><SPAN>ldap.synchronization.groupSearchBase=ou=Security Groups,ou=Alfresco\</SPAN><BR /><SPAN>,dc=domain,dc=com</SPAN><BR /><BR /><SPAN>ldap.synchronization.userSearchBase=ou=User Accounts,ou=Alfresco,dc=domain,dc=com</SPAN></BODY></HTML> Thu, 30 Jun 2016 12:06:21 GMT bostjanc 2016-06-30T12:06:21Z https://connect.hyland.com/t5/alfresco-archive/sso/m-p/302822#M255952 Hi guys.following this tutorial (http://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html) we are trying to enable SSO on alfresco community web page (share) to work.SSO is not working.We have put this lines:authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-adntlm.authentication.sso. Thu, 30 Jun 2016 12:06:21 GMT https://connect.hyland.com/t5/alfresco-archive/sso/m-p/302822#M255952 bostjanc 2016-06-30T12:06:21Z https://connect.hyland.com/t5/alfresco-archive/sso/m-p/302823#M255953 <HTML><HEAD></HEAD><BODY><SPAN>Hi </SPAN><BR /><BR /><SPAN><SPAN>First off, I'm assuming that you've updated the values you posted above to match your own domain details (</SPAN><A class="jive-link-email-small" href="https://migration33.stage.lithium.com/" rel="nofollow noopener noreferrer">%s@domain.com</A><SPAN>, ldap://domaincontroller.domain.com:389, </SPAN><A class="jive-link-email-small" href="mailto:alfresco@domain.com" rel="nofollow noopener noreferrer">alfresco@domain.com</A><SPAN> etc etc) - unless domain.com is actually the name of your domain?</SPAN></SPAN><BR /><BR /><SPAN>Can you explain what you're seeing and what isn't working?&nbsp; </SPAN><BR /><BR /><SPAN>Please bear in mind that LDAP can be used to authenticate users using their Windows credentials (single sign on) but doesn't support passwordless single sign on where the user opens Alfresco and is logged in automatically. So you should expect to still see a login page when you go to Alfresco, but you will be able to use Windows usernames/passwords to authenticate.&nbsp; If this is not what you want and you want the user to simply be logged in automatically then you'll need to look at Kerberos or Pass-through authentication instead </SPAN><BR /><BR /><SPAN>Regards</SPAN><BR /><BR /><SPAN>Steven</SPAN><BR /><BR /></BODY></HTML> Thu, 30 Jun 2016 12:28:26 GMT https://connect.hyland.com/t5/alfresco-archive/sso/m-p/302823#M255953 steven_okennedy 2016-06-30T12:28:26Z