https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309065#M262195 <HTML><HEAD></HEAD><BODY><SPAN>So I'm running 4.2d Community Edition.</SPAN><BR /><BR /><SPAN>I was using LDAP-AD for sync and PASSTHRU for authentication.</SPAN><BR /><BR /><SPAN>Today I tried to deploy the Records Management module for testing. I ran the amp deploy script after moving the amps into amps/ and amps_share/, I ran the script while Alfresco was running.</SPAN><BR /><BR /><SPAN>After the script reported it was complete, Alfresco was using a lot of CPU and Tomcat stopped serving Alfresco. I then figured I would wait as it may be processing something.</SPAN><BR /><BR /><SPAN>After 20 minutes I nicely restarted Alfresco, and it came back up. Only to discover my Authentication chain had been blown away.</SPAN><BR /><BR /><SPAN>I had declared my auth chain in repository.properties, and had moved my modified auth subsystems into the relevant shared folders.</SPAN><BR /><BR /><SPAN>I had at first thought that my subsystems had been blown away too, but I was looking in the wrong folder. I had misread a part of the auth subsystems manual page, and was trying to re-create them in "$TOMCAT_HOME/shared/classes/alfresco/extension/subsystems/Authentication" when I should have checked "$TOMCAT_HOME/shared/classes/alfresco/subsystems/Authentication" instead, and would have discovered my subsystems intact.</SPAN><BR /><BR /><SPAN>However, now that I have discovered this, I have tried to re-use the subsystems. I tried to instead add the auth chain configuration to alfresco-globa.properties , only to discover Alfresco seems to now be ignoring my custom subsystems altogether.</SPAN><BR /><BR /><SPAN>I tried re-adding the chain to the repository.properties file, and again, ignoring them.</SPAN><BR /><BR /><SPAN>Why do I think it's ignoring them? Well first off, it's complaining about default settings, like defaultcompany kind of thing. Also cannot create passthru domain bean.</SPAN><BR /><BR /><SPAN>I'm at a loss as to what I've done here and what I can do. Help please?</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE><BR /> 2013-11-26 15:39:48,620&nbsp; ERROR [authentication.ldap.LDAPInitialDirContextFactoryImpl] [localhost-startStop-1] Unable to connect to LDAP Server; check LDAP configuration<BR /> javax.naming.CommunicationException: domaincontroller.company.com:389 [Root exception is java.net.ConnectException: Connection timed out]<BR /><SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE></BODY></HTML> Tue, 26 Nov 2013 22:39:39 GMT bloodyiron 2013-11-26T22:39:39Z https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309065#M262195 So I'm running 4.2d Community Edition.I was using LDAP-AD for sync and PASSTHRU for authentication.Today I tried to deploy the Records Management module for testing. I ran the amp deploy script after moving the amps into amps/ and amps_share/, I ran the script while Alfresco was running.After the sc Tue, 26 Nov 2013 22:39:39 GMT https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309065#M262195 bloodyiron 2013-11-26T22:39:39Z https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309066#M262196 <HTML><HEAD></HEAD><BODY><SPAN>So in attempting to resolve this issue I've found a discrepancy in the documentation</SPAN><BR /><BR /><SPAN>When copying the subsystem to the shared folder (outlined below), the documentation suggests a peculiar way to rename it, which doesn't work, and doesn't match what it describes.</SPAN><BR /><BR /><SPAN>So, I copy the relevant subsystem, in this example ldap to this folder:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>$TOMCAT_HOME/shared/classes/alfresco/subsystems/Authentication/ldap<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><BR /><SPAN>Now since I'm modifying that subsystem it's a good idea to rename the folder so that it doesn't overlap with the default ldap subsystem. But here's the problem. The documentation recommends the folder location changes too. The documentation recommends moving it and renaming it to the following:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>$TOMCAT_HOME/shared/classes/alfresco/subsystems/Authentication/ldap/myldap<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><BR /><SPAN>And then in that "myldap" folder is your ldap configs. Then the Documentation recommends the chain entry be myldap:myldap . The second one being the type, the first one being the name. This doesn't work. What I had to do was this:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>$TOMCAT_HOME/shared/classes/alfresco/subsystems/Authentication/myldap<SPAN class="line-numbers-rows"><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><BR /><SPAN>And now using myldap:myldap works!</SPAN><BR /><BR /><SPAN>Other parts of the documentation are a bit confusing. Initially I was doing myldap:ldap, and having it under the subfolder as suggested above, which didn't work, it just ended up loading the default subsystem, not the one I had configured under shared.</SPAN><BR /><BR /><SPAN>So now my Auth subsystems work. I did not lose users at all, oddly enough, or permissions. So that's good.</SPAN></BODY></HTML> Wed, 27 Nov 2013 17:27:06 GMT https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309066#M262196 bloodyiron 2013-11-27T17:27:06Z https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309067#M262197 <HTML><HEAD></HEAD><BODY><SPAN>Which page of documentation is wrong?</SPAN><BR /><BR /><SPAN>Your configuration settings, including your auth chain settings should be in&nbsp; $TOMCAT_HOME/shared/classes/alfresco-global.properties.&nbsp;&nbsp; </SPAN><BR /><BR /><SPAN>For a simple configuration (only one ldap server) there's no need to touch the subsystem configuration at all.</SPAN><BR /><BR /><SPAN>Your configuration should be under $TOMCAT_HOME/shared/classes/alfresco/extension/subsystems/Authentication/ldap/myldap</SPAN><BR /><BR /><SPAN>your chain should contain myldap:ldap&nbsp;&nbsp; </SPAN><BR /><BR /></BODY></HTML> Wed, 27 Nov 2013 17:52:38 GMT https://connect.hyland.com/t5/alfresco-archive/deployed-records-management-gt-blew-away-my-authentication/m-p/309067#M262197 mrogers 2013-11-27T17:52:38Z