topic LDAP Synch error: User missing user id attribute DN in Alfresco Archive https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8352#M2692 <HTML><HEAD></HEAD><BODY><SPAN>I have setup NTLM for the login to Alfresco but am now trying to get the LDAP Users and Groups to synchronize with Active Directory. </SPAN><BR /><BR /><SPAN>I am getting an error:&nbsp; User missing user id attribute DN</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>org.alfresco.repo.importer.ExportSourceImporterException: Failed to import<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:165)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.core.JobRunShell.run(JobRunShell.java:191)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)<BR />Caused by: org.alfresco.repo.importer.ExportSourceImporterException: User missing user id attribute DN =CN=Bill Behymer,OU=Users,OU=INEEL Idaho Falls,OU=DEQ,DC=deq,DC=idaho,DC=gov&nbsp; att = sAMAccountName<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource.buildGroupsAndRoots(LDAPGroupExportSource.java:476)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource.generateExport(LDAPGroupExportSource.java:150)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:149)<BR />&nbsp;&nbsp;&nbsp;… 3 more<BR />11:16:10,906 ERROR [org.quartz.core.ErrorLogger] Job (DEFAULT.ldapGroupJobDetail threw an exception.<BR />org.quartz.SchedulerException: Job threw an unhandled exception. [See nested exception: org.alfresco.repo.importer.ExportSourceImporterException: Failed to import]<BR />&nbsp;&nbsp;&nbsp;at org.quartz.core.JobRunShell.run(JobRunShell.java:202)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)<BR />* Nested Exception (Underlying Cause) —————<BR />org.alfresco.repo.importer.ExportSourceImporterException: Failed to import<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:165)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.core.JobRunShell.run(JobRunShell.java:191)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)<BR />Caused by: org.alfresco.repo.importer.ExportSourceImporterException: User missing user id attribute DN =CN=Bill Behymer,OU=Users,OU=INEEL Idaho Falls,OU=DEQ,DC=deq,DC=idaho,DC=gov&nbsp; att = sAMAccountName<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource.buildGroupsAndRoots(LDAPGroupExportSource.java:476)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource.generateExport(LDAPGroupExportSource.java:150)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:149)<BR />&nbsp;&nbsp;&nbsp;… 3 more<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>I don't know if that means my Active Directory doesn't have a DN set for the users it is querying?&nbsp; That sounds a little weird.&nbsp; Probably I have a configuration set wrong.</SPAN><BR /><BR /><SPAN>Here is my ldap-authentication-context.xml</SPAN><BR /><PRE class="language-none line-numbers"><CODE>&lt;?xml version="1.0" encoding="UTF-8"?&gt;<BR />&lt;!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' '<A href="http://www.springframework.org/dtd/spring-beans.dtd" rel="nofollow noopener noreferrer">http://www.springframework.org/dtd/spring-beans.dtd</A>'&gt;<BR />&lt;beans&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– DAO that rejects changes - LDAP is read only at the moment –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="alfDaoImpl" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="proxyInterfaces"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;org.alfresco.repo.security.authentication.MutableAuthenticationDao&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="transactionManager"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="transactionManager"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="target"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;bean class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="nodeService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="nodeService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="transactionAttributes"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;props&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;prop key="*"&gt;${server.transaction.mode.default}&lt;/prop&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/props&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– LDAP authentication configuration –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– <BR />&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; You can also use JAAS authentication for Kerberos against Active Directory or NTLM if you also require single sign on from the<BR />&nbsp;&nbsp;&nbsp; web browser. You do not have to use LDAP authentication to synchronise groups and users from an LDAP store if it supports other<BR />&nbsp;&nbsp;&nbsp; authentication routes, like Active Directory.<BR />&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="LDAPInitialDirContextFactory"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapInitialDirContextFactory"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="userNameFormat"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;sAMAccountName=%s&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; This bean is used to support general LDAP authentication. It is also used to provide read only access to users and groups<BR />&nbsp;&nbsp;&nbsp; to pull them out of the LDAP reopsitory<BR />&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="initialDirContextEnvironment"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="java.naming.factory.initial"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;com.sun.jndi.ldap.LdapCtxFactory&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="java.naming.provider.url"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;ldap://10.220.7.171:389&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="java.naming.security.authentication"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;simple&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="java.naming.security.principal"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;query&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="java.naming.security.credentials"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;xxxxx&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– Ldap Syncronisation support –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; There can be more than one stack of beans that import users or groups. For example, it may be easier<BR />&nbsp;&nbsp;&nbsp; to have a version of ldapPeopleExportSource, and associated beans, for each sub-tree of your ldap directory<BR />&nbsp;&nbsp;&nbsp; from which you want to import users. You could then limit users to be imported from two or more sub tress and ignore <BR />&nbsp;&nbsp;&nbsp; users found else where. The same applies to the import of groups. <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; The defaults shown below are for OpenLDAP.&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– Extract user information from LDAP and transform this to XML –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapPeopleExportSource" class="org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The query to select objects that represent the users to import.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For Open LDAP, using a basic schema, the following is probably what you want:<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (objectclass=inetOrgPerson)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For Active Directory:<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (objectclass=user)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="personQuery"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;&lt;![CDATA[(&amp;(objectclass=user)(cn=*)(sn=*)(mail=*)(company=*))]]&gt;&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–&lt;value&gt;(objectclass=user)&lt;/value&gt;–&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The seach base restricts the LDAP query to a sub section of tree on the LDAP server.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="searchBase"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;dc=deq,dc=idaho,dc=gov&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The unique identifier for the user.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; THIS MUST MATCH WHAT THE USER TYPES IN AT THE LOGIN PROMPT&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For simple LDAP authentication this is likely to be "cn" or, less friendly, "distinguishedName"<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; In OpenLDAP, using other authentication mechanisms "uid", but this depends on how you map<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; from the id in the LDAP authentication request to search for the inetOrgPerson against which<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; to authenticate.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; In Active Directory this is most likely to be "sAMAccountName" <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; This property is mandatory and must appear on all users found by the query defined above.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="userIdAttributeName"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;sAMAccountName&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Services –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="LDAPInitialDirContextFactory"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapInitialDirContextFactory"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="personService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="personService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="namespaceService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="namespaceService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The path to the location of a space to use as the default home folder.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; This folder should be readable by all users, or a group to which all imported users belong.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="defaultHomeFolder"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;/app:company_home&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; This property defines a mapping between attributes held on LDAP user objects and<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; the properties of user objects held in the repository. The key is the QName of an attribute in<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; the repository, the value is the attribute name from the user/inetOrgPerson/.. object in the<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; LDAP repository.&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="attributeMapping"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="cm:userName"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Must match the same attribute as userIdAttributeName –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;sAMAccountName&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="cm:firstName"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– OpenLDAP: "givenName" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Active Directory: "givenName" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;givenName&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="cm:lastName"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– OpenLDAP: "sn" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Active Directory: "sn" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;sn&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="cm:email"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– OpenLDAP: "mail" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Active Directory: "???" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;mail&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="cm:organizationId"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– OpenLDAP: "o" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Active Directory: "???" –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;company&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– Extract group information from LDAP and transform this to XML –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapGroupExportSource" class="org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The query to select objects that represent the groups to import.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For Open LDAP, using a basic schema, the following is probably what you want:<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (objectclass=groupOfNames)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For Active Directory:<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (objectclass=group)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="groupQuery"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;(objectclass=group)&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The seach base restricts the LDAP query to a sub section of tree on the LDAP server.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="searchBase"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;dc=deq,dc=idaho,dc=gov&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The unique identifier for the user. This must match the userIdAttributeName on the ldapPeopleExportSource bean above.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="userIdAttributeName"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;sAMAccountName&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; An attribute that is a unique identifier for each group found. <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; This is also the name of the group with the current group implementation.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; This is mandatory for any groups found.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; OpenLDAP: "cn" as it is mandatory on groupOfNames<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Active Directory: "cn"<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="groupIdAttributeName"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;cn&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The objectClass attribute for group members.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For each member of a group, the distinguished name is given.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The object is looked up by its DN. If the object is of this class it is treated as a group. <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="groupType"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;group&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The objectClass attribute for person members.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; For each member of a group, the distinguished name is given.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The object is looked up by its DN. If the object is of this class it is treated as a person. <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="personType"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;person&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="LDAPInitialDirContextFactory"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapInitialDirContextFactory"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="namespaceService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="namespaceService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!–<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The repeating attribute on group objects (found by query or as sub groups)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; used to define membership of the group. This is assumed to hold distinguished names of<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; other groups or users/people; the above types are used to determine this.<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; OpenLDAP: "member" as it is mandatory on groupOfNames<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Active Directory: "member"<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; <BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="memberAttribute"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;member&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– Job definitions to import LDAP people and groups –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapPeopleTrigger" class="org.springframework.scheduling.quartz.SimpleTriggerBean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="jobDetail"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;bean id="ldapPeopleJobDetail" class="org.springframework.scheduling.quartz.JobDetailBean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="jobClass"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;org.alfresco.repo.importer.ImporterJob&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="jobDataAsMap"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="bean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapPeopleImport"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Start after 30 seconds of starting the repository –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="startDelay"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;30000&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Repeat every hour –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="repeatInterval"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;3600000&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapGroupTrigger" class="org.springframework.scheduling.quartz.SimpleTriggerBean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="jobDetail"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;bean id="ldapGroupJobDetail" class="org.springframework.scheduling.quartz.JobDetailBean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="jobClass"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;org.alfresco.repo.importer.ImporterJob&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="jobDataAsMap"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;entry key="bean"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapGroupImport"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/entry&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/map&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Start after 30 seconds of starting the repository –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="startDelay"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;30000&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– Repeat every hour –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="repeatInterval"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;3600000&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– The bean that imports xml describing people –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapPeopleImport" class="org.alfresco.repo.importer.ExportSourceImporter"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="importerService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="importerComponent"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="transactionService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="transactionComponent"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="authenticationComponent"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="authenticationComponent"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="exportSource"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapPeopleExportSource"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– The store that contains people - this should not be changed –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="storeRef"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;${spaces.store}&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– The location of people nodes within the store defined above - this should not be changed –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="path"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;/${system.system_container.childname}/${system.people_container.childname}&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– If true, clear all existing people before import, if false update/add people from the xml –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="clearAllChildren"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;false&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="nodeService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="nodeService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="searchService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="searchService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="namespacePrefixResolver"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="namespaceService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;!– The bean that imports xml descibing groups –&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;bean id="ldapGroupImport" class="org.alfresco.repo.importer.ExportSourceImporter"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="importerService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="importerComponent"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="transactionService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="transactionComponent"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="authenticationComponent"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="authenticationComponent"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="exportSource"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="ldapGroupExportSource"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– The store that contains group information - this should not be changed –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="storeRef"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;${alfresco_user_store.store}&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– The location of group information in the store above - this should not be changed –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="path"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;/${alfresco_user_store.system_container.childname}/${alfresco_user_store.authorities_container.childname}&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;!– If true, clear all existing groups before import, if false update/add groups from the xml –&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="clearAllChildren"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;value&gt;true&lt;/value&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="nodeService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="nodeService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="searchService"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="searchService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;property name="namespacePrefixResolver"&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;ref bean="namespaceService"/&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;/property&gt;<BR />&nbsp;&nbsp;&nbsp;&lt;/bean&gt;<BR />&lt;/beans&gt;<BR /><SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>I can tell that its connecting to AD because I see this in the logs:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>11:16:03,406 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource] Linking GROUP_Cert Publishers<BR />11:16:03,406 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource] … CN=ID,OU=Domain Controllers,DC=deq,DC=idaho,DC=gov<BR />11:16:03,453 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPGroupExportSource] … is member<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>I'd appreciate any help on this.</SPAN><BR /><BR /><SPAN>Thanks,</SPAN><BR /><SPAN>Nate</SPAN></BODY></HTML> Tue, 20 Jun 2006 18:49:29 GMT idahodeq 2006-06-20T18:49:29Z LDAP Synch error: User missing user id attribute DN https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8352#M2692 I have setup NTLM for the login to Alfresco but am now trying to get the LDAP Users and Groups to synchronize with Active Directory. I am getting an error:&nbsp; User missing user id attribute DNorg.alfresco.repo.importer.ExportSourceImporterException: Failed to import&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.Exp Tue, 20 Jun 2006 18:49:29 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8352#M2692 idahodeq 2006-06-20T18:49:29Z Re: LDAP Synch error: User missing user id attribute DN https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8353#M2693 <HTML><HEAD></HEAD><BODY><SPAN>I just noticed the person ExportSourceImporter is failing before the groups, so its probably causing the group import error.&nbsp; </SPAN><BR /><BR /><SPAN>Here's the error:</SPAN><BR /><BR /><PRE class="language-none line-numbers"><CODE>13:12:20,117 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for 00AE1FCB-4801-4CDA-A<BR />13:12:20,132 ERROR [org.quartz.core.JobRunShell] Job DEFAULT.ldapPeopleJobDetail threw an unhandled Exception: <BR />org.alfresco.repo.importer.ExportSourceImporterException: Failed to import<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:165)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.core.JobRunShell.run(JobRunShell.java:191)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)<BR />Caused by: java.lang.NullPointerException<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource.generateExport(LDAPPersonExportSource.java:205)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:149)<BR />&nbsp;&nbsp;&nbsp;… 3 more<BR />13:12:20,148 ERROR [org.quartz.core.ErrorLogger] Job (DEFAULT.ldapPeopleJobDetail threw an exception.<BR />org.quartz.SchedulerException: Job threw an unhandled exception. [See nested exception: org.alfresco.repo.importer.ExportSourceImporterException: Failed to import]<BR />&nbsp;&nbsp;&nbsp;at org.quartz.core.JobRunShell.run(JobRunShell.java:202)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)<BR />* Nested Exception (Underlying Cause) —————<BR />org.alfresco.repo.importer.ExportSourceImporterException: Failed to import<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:165)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.core.JobRunShell.run(JobRunShell.java:191)<BR />&nbsp;&nbsp;&nbsp;at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)<BR />Caused by: java.lang.NullPointerException<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource.generateExport(LDAPPersonExportSource.java:205)<BR />&nbsp;&nbsp;&nbsp;at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:149)<BR />&nbsp;&nbsp;&nbsp;… 3 more<SPAN class="line-numbers-rows"><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN><SPAN>‍</SPAN></SPAN></CODE></PRE><BR /><SPAN>Any ideas whats getting me?</SPAN></BODY></HTML> Thu, 22 Jun 2006 20:25:47 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8353#M2693 idahodeq 2006-06-22T20:25:47Z Re: LDAP Synch error: User missing user id attribute DN https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8354#M2694 <HTML><HEAD></HEAD><BODY><SPAN>Hi</SPAN><BR /><BR /><SPAN>This is fixed in 1.3.</SPAN><BR /><BR /><SPAN>This is due to groups that have no members.</SPAN><BR /><SPAN>You could add a presence filter to the LDAP group query to check for this.</SPAN><BR /><BR /><SPAN>(This is covered in a few other threads)</SPAN><BR /><BR /><SPAN>Regards</SPAN><BR /><BR /><SPAN>Andy</SPAN></BODY></HTML> Tue, 27 Jun 2006 14:18:15 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8354#M2694 andy 2006-06-27T14:18:15Z Re: LDAP Synch error: User missing user id attribute DN https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8355#M2695 <HTML><HEAD></HEAD><BODY><SPAN>Thank you.&nbsp; I thought I read in the other threads this was fixed in 1.2.1, but apparently I read wrong.&nbsp; I had figured this out by filtering my query down to leave out the offending groups/users.</SPAN></BODY></HTML> Wed, 28 Jun 2006 16:11:26 GMT https://connect.hyland.com/t5/alfresco-archive/ldap-synch-error-user-missing-user-id-attribute-dn/m-p/8355#M2695 idahodeq 2006-06-28T16:11:26Z