https://connect.hyland.com/t5/alfresco-archive/alfresco-ce-5-0-b-spp-ad-ldap-authentication-issues/m-p/312306#M265436 <HTML><HEAD></HEAD><BODY><SPAN>Hi,</SPAN><BR /><BR /><SPAN>I've been attempting to implement an Alfresco CE 5.0.b instance on a CentOS 6.6 box authenticating against a Windows Server 2008 AD domain, however I'm encountering issues with the SPP interacting with MS Office 2013 on the clients.</SPAN><BR /><BR /><BR /><SPAN>I've managed to get Alfresco to sync with the AD servers and have visibility of the AD Security groups &amp; users within the Alfresco web front-end.</SPAN><BR /><BR /><SPAN>The issue I'm encountering is with the "edit online" functionality, where Office will open and attempt to open the file, however the user is being constantly challenged to provide credentials (which ultimately don't work).</SPAN><BR /><BR /><SPAN>The steps to reproduce this are:</SPAN><BR /><BR /><SPAN>- Log into Alfresco web gui using AD credentials.</SPAN><BR /><SPAN>- Navigate to SharePoint site (which the user is a manager of).</SPAN><BR /><SPAN>- Access the documents library.</SPAN><BR /><SPAN>- Select a spreadsheet that has been placed into the documents library as a test.</SPAN><BR /><SPAN>- Click on "Edit Online".</SPAN><BR /><SPAN>- Excel 2013 will open, however will challenge for credentials constantly - before failing (with the AD credentials).</SPAN><BR /><BR /><SPAN>I have tried to plug the AD credentials into the Excel 2013 credential challenge for the hostname &lt;alfresco_server_name.domain.co.uk&gt; in the folllowing formats (just as a punt):</SPAN><BR /><BR /><SPAN>username@domain</SPAN><BR /><SPAN><A class="jive-link-email-small" href="mailto:username@domain.co.uk" rel="nofollow noopener noreferrer">username@domain.co.uk</A></SPAN><BR /><SPAN>domain\username</SPAN><BR /><SPAN>domain.co.uk\username</SPAN><BR /><SPAN>&lt;alfresco_server_name&gt;\username</SPAN><BR /><SPAN>username@&lt;alfresco_server_name&gt;</SPAN><BR /><SPAN>&lt;alfresco_server_name.domain.co.uk&gt;\username</SPAN><BR /><SPAN>username@&lt;alfresco_server_name.domain.co.uk&gt;</SPAN><BR /><BR /><SPAN><SPAN>But none of these worked &amp; ultimatley fails with the error "Microsoft Excel cannot access the file '</SPAN><A class="jive-link-external-small" href="http://" rel="nofollow noopener noreferrer">http://</A><SPAN>&lt;alfresco_server_name.domain.co.uk&gt;:7070/alfresco/&lt;sitename&gt;/documentLibrary/&lt;filename&gt;'. There are several possible reasons.".</SPAN></SPAN><BR /><BR /><SPAN>On the off chance I did provide the Alfresco admin's credentials into the Excel 2013 credential challenge, which allowed me to access &amp; edit the file online within Excel.</SPAN><BR /><BR /><SPAN>Below is my alfresco-global.proerties file (which has been sanitized of any internal data):</SPAN><BR /><BR /><BR /><PRE class="language-none line-numbers"><CODE><BR />###############################<BR />## Common Alfresco Properties #<BR />###############################<BR /><BR />dir.root=/home/alfresco-5.0.b/alf_data<BR /><BR />authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad<BR />#You can login by bulidin alfresco authentication system and ldap<BR /><BR />ntlm.authentication.sso.enabled=true<BR /><BR />ldap.authentication.allowGuestLogin=false<BR />#do not allow guest logon<BR /><BR />ldap.authentication.userNameFormat=%s@domain.co.uk<BR />#your login is the same like user name in windows<BR /><BR />ldap.authentication.java.naming.provider.url=ldap://&lt;activedirectoryserver&gt;:389<BR />#adres of ldap server<BR />ldap.authentication.defaultAdministratorUserNames=admin<BR />#users with admin rights<BR />ldap.synchronization.java.naming.security.principal=_ALFRESCO_SERVICE@domain.co.uk<BR />#account ldap administrator on your server<BR />ldap.synchronization.java.naming.security.credentials=REMOVED<BR />ldap.synchronization.groupSearchBase=dc=\domain,dc\=co,dc\=uk<BR />ldap.synchronization.userSearchBase=dc=\domain,dc\=co,dc\=uk<BR /><BR />alfresco.context=alfresco<BR />alfresco.host=&lt;alfresco_server_name&gt;.domain.co.uk<BR />alfresco.port=8080<BR />alfresco.protocol=http<BR /><BR />share.context=share<BR />share.host=&lt;alfresco_server_name&gt;.domain.co.uk<BR />share.port=8080<BR />share.protocol=http<BR /><BR />### database connection properties ###<BR />db.driver=org.gjt.mm.mysql.Driver<BR />db.username=alfresco<BR />db.password=REMOVED<BR />db.name=alfresco<BR />db.url=jdbc:mysql://localhost/alfresco?useUnicode=yes&amp;characterEncoding=UTF-8<BR /># Note: your database must also be able to accept at least this many connections.&nbsp; Please see your database documentation for instructions on how to configure this.<BR />db.pool.max=275<BR />db.pool.validate.query=SELECT 1<BR /><BR /># The server mode. Set value here<BR /># UNKNOWN | TEST | BACKUP | PRODUCTION<BR />system.serverMode=TEST<BR /><BR />### FTP Server Configuration ###<BR />ftp.port=21<BR /><BR />### RMI registry port for JMX ###<BR />alfresco.rmi.services.port=50500<BR /><BR />### External executable locations ###<BR />ooo.exe=/home/alfresco-5.0.b/libreoffice/program/soffice<BR />ooo.enabled=true<BR />ooo.port=8100<BR />img.root=/home/alfresco-5.0.b/common<BR />img.dyn=${img.root}/lib<BR />img.exe=${img.root}/bin/convert<BR />swf.exe=/home/alfresco-5.0.b/common/bin/pdf2swf<BR />swf.languagedir=/home/alfresco-5.0.b/common/japanese<BR /><BR />jodconverter.enabled=false<BR />jodconverter.officeHome=/home/alfresco-5.0.b/libreoffice<BR />jodconverter.portNumbers=8100<BR /><BR />### Initial admin password ###<BR />alfresco_user_store.adminpassword=REMOVED<BR /><BR />### E-mail site invitation setting ###<BR />notification.email.siteinvite=false<BR /><BR />### License location ###<BR />dir.license.external=/home/alfresco-5.0.b<BR /><BR />### Solr indexing ###<BR />index.subsystem.name=solr4<BR />dir.keystore=${dir.root}/keystore<BR />solr.port.ssl=8443<BR /><BR />### BPM Engine ###<BR />system.workflow.engine.jbpm.enabled=false<BR /><BR />### Allow extended ResultSet processing<BR />security.anyDenyDenies=false<BR /><SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><BR /><SPAN>Enabling NTLMv1 on the clients and using passthru isn't an option within the environment that this Alfresco instance will be operating within.</SPAN><BR /><BR /><BR /><SPAN>Any guidance/or any obvious corrections that anybody could provide, would be gratefully received.</SPAN></BODY></HTML> Wed, 12 Nov 2014 11:21:59 GMT plar 2014-11-12T11:21:59Z https://connect.hyland.com/t5/alfresco-archive/alfresco-ce-5-0-b-spp-ad-ldap-authentication-issues/m-p/312306#M265436 Hi,I've been attempting to implement an Alfresco CE 5.0.b instance on a CentOS 6.6 box authenticating against a Windows Server 2008 AD domain, however I'm encountering issues with the SPP interacting with MS Office 2013 on the clients.I've managed to get Alfresco to sync with the AD servers and have Wed, 12 Nov 2014 11:21:59 GMT https://connect.hyland.com/t5/alfresco-archive/alfresco-ce-5-0-b-spp-ad-ldap-authentication-issues/m-p/312306#M265436 plar 2014-11-12T11:21:59Z https://connect.hyland.com/t5/alfresco-archive/alfresco-ce-5-0-b-spp-ad-ldap-authentication-issues/m-p/312307#M265437 <HTML><HEAD></HEAD><BODY><SPAN>Did you find any solution, im havind the same problem.</SPAN></BODY></HTML> Fri, 28 Aug 2015 14:02:05 GMT https://connect.hyland.com/t5/alfresco-archive/alfresco-ce-5-0-b-spp-ad-ldap-authentication-issues/m-p/312307#M265437 javier_vargas 2015-08-28T14:02:05Z