https://connect.hyland.com/t5/alfresco-archive/unable-to-retrive-users-groups-from-ldap/m-p/305387#M258517 <HTML><HEAD></HEAD><BODY><SPAN>Hi All,</SPAN><BR /><BR /><SPAN>I did the following configuration in Alfresco for ldap sync, things are looking to be fine i am able to login with the ldap user, but unable to search users/group (for inviting them to my project), it says no user found, tried searching with both username and username@domainname, but nothing worked out.</SPAN><BR /><BR /><SPAN>ldap.authentication.active=true</SPAN><BR /><SPAN>ldap.authentication.allowGuestLogin=no</SPAN><BR /><SPAN>ldap.authentication.userNameFormat=mail=%s,ou=Users,domainName=example.co.in,o=domains,dc=example,dc=co.in</SPAN><BR /><SPAN>ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory</SPAN><BR /><SPAN>ldap.authentication.java.naming.provider.url=ldap://192.168.14.4:389</SPAN><BR /><SPAN>ldap.authentication.java.naming.security.authentication=simple</SPAN><BR /><SPAN>ldap.authentication.escapeCommasInBind=false</SPAN><BR /><SPAN>ldap.authentication.escapeCommasInUid=false</SPAN><BR /><SPAN>ldap.authentication.defaultAdministratorUserNames=</SPAN><BR /><SPAN>ldap.synchronization.active=true</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.principal=cn\=vmail,dc\=example,dc\=co.in</SPAN><BR /><SPAN>ldap.synchronization.java.naming.security.credentials=test@3456677</SPAN><BR /><SPAN>ldap.synchronization.queryBatchSize=1000</SPAN><BR /><SPAN>ldap.synchronization.attributeBatchSize=10000</SPAN><BR /><SPAN>ldap.synchronization.groupQuery=(objectclass\=groupOfNames)</SPAN><BR /><SPAN>ldap.synchronization.groupDifferentialQuery=(&amp;(objectclass\=groupOfNames)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><SPAN>ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)</SPAN><BR /><SPAN>ldap.synchronization.personDifferentialQuery=(&amp;(objectclass\=inetOrgPerson)(!(modifyTimestamp&lt;\={0})))</SPAN><BR /><SPAN>ldap.synchronization.groupSearchBase=ou\=Groups,domainName\=example.co.in,o\=domains,dc\=example,dc\=co.in</SPAN><BR /><SPAN>ldap.synchronization.userSearchBase=ou\=Users,domainName\=example.co.in,o\=domains,dc\=example,dc\=co.in</SPAN><BR /><SPAN>ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp</SPAN><BR /><SPAN>ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'</SPAN><BR /><SPAN>ldap.synchronization.userIdAttributeName=uid</SPAN><BR /><SPAN>ldap.synchronization.userFirstNameAttributeName=givenName</SPAN><BR /><SPAN>ldap.synchronization.userLastNameAttributeName=sn</SPAN><BR /><SPAN>ldap.synchronization.userEmailAttributeName=mail</SPAN><BR /><SPAN>ldap.synchronization.userOrganizationalIdAttributeName=o</SPAN><BR /><SPAN>ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider</SPAN><BR /><SPAN>ldap.synchronization.groupIdAttributeName=cn</SPAN><BR /><SPAN>ldap.synchronization.groupType=groupOfNames</SPAN><BR /><SPAN>ldap.synchronization.personType=inetOrgPerson</SPAN><BR /><SPAN>ldap.synchronization.groupMemberAttributeName=member</SPAN><BR /><SPAN>ldap.synchronization.enableProgressEstimation=true</SPAN><BR /><SPAN>ldap.authentication.java.naming.read.timeout=0</SPAN><BR /><SPAN>ldap.synchronization.enableProgressEstimation=true</SPAN><BR /><BR /><SPAN>and following is the debug log….</SPAN><BR /><BR /><SPAN>014-02-25 19:46:17,710 INFO [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Synchronization' subsystem, ID: [Synchronization, default]</SPAN><BR /><SPAN>2014-02-25 19:46:18,045 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronizing users and groups with user registry 'ldap1'</SPAN><BR /><SPAN>2014-02-25 19:46:18,128 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Retrieving all groups from user registry 'ldap1'</SPAN><BR /><SPAN>2014-02-25 19:46:18,177 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization,Category=directory,id1=ldap1,id2=1 Group Analysis: Commencing batch of 0 entries</SPAN><BR /><SPAN>2014-02-25 19:46:18,178 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization,Category=directory,id1=ldap1,id2=1 Group Analysis: Completed batch of 0 entries</SPAN><BR /><SPAN>2014-02-25 19:46:18,192 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Retrieving users changed since Feb 25, 2014 4:52:34 PM from user registry 'ldap1'</SPAN><BR /><SPAN>2014-02-25 19:46:18,216 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization,Category=directory,id1=ldap1,id2=6 User Creation and Association: Commencing batch of 0 entries</SPAN><BR /><SPAN>2014-02-25 19:46:18,216 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization,Category=directory,id1=ldap1,id2=6 User Creation and Association: Completed batch of 0 entries</SPAN><BR /><SPAN>2014-02-25 19:46:18,244 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Finished synchronizing users and groups with user registry 'ldap1'</SPAN><BR /><SPAN>2014-02-25 19:46:18,244 INFO [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] 0 user(s) and 0 group(s) processed</SPAN><BR /><SPAN>2014-02-25 19:46:18,320 INFO [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete</SPAN><BR /><BR /><BR /><BR /><SPAN>I could see the debug logs ,&lt;blockcode&gt; 0 user(s) and 0 group(s) processed &lt;/blockcode&gt; , where as we have more than 200 users and 20 groups in ldap server.</SPAN><BR /><BR /><SPAN>Requesting all experts to provide some advice.</SPAN><BR /><BR /><SPAN>Regards,</SPAN><BR /><SPAN>Ashraf</SPAN></BODY></HTML> Wed, 26 Feb 2014 06:42:22 GMT ashraf 2014-02-26T06:42:22Z https://connect.hyland.com/t5/alfresco-archive/unable-to-retrive-users-groups-from-ldap/m-p/305387#M258517 Hi All,I did the following configuration in Alfresco for ldap sync, things are looking to be fine i am able to login with the ldap user, but unable to search users/group (for inviting them to my project), it says no user found, tried searching with both username and username@domainname, but nothing Wed, 26 Feb 2014 06:42:22 GMT https://connect.hyland.com/t5/alfresco-archive/unable-to-retrive-users-groups-from-ldap/m-p/305387#M258517 ashraf 2014-02-26T06:42:22Z https://connect.hyland.com/t5/alfresco-archive/unable-to-retrive-users-groups-from-ldap/m-p/305388#M258518 <HTML><HEAD></HEAD><BODY><SPAN>Synchronization results shows that no user or group is found.</SPAN><BR /><SPAN>You should check the following parameters in your configuration :</SPAN><BR /><SPAN>- ldap.synchronization.groupSearchBase</SPAN><BR /><SPAN>- ldap.synchronization.userSearchBase</SPAN><BR /><BR /><SPAN>They indicates where to find groups and users in your ldap.</SPAN><BR /><BR /><SPAN>If those parameters are OK, check the type of groups and users within ou\=Groups,domainName\=example.co.in,o\=domains,dc\=example,dc\=co.in and ou\=Users,domainName\=example.co.in,o\=domains,dc\=example,dc\=co.in : it must be groupOfNames and inetOrgPerson.</SPAN></BODY></HTML> Mon, 17 Mar 2014 09:04:37 GMT https://connect.hyland.com/t5/alfresco-archive/unable-to-retrive-users-groups-from-ldap/m-p/305388#M258518 mlagneaux 2014-03-17T09:04:37Z