https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113487#M79904 <HTML><HEAD></HEAD><BODY><P>Venzia:</P><P>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;Muchas gracias por tu respuesta, te cuento que la autenticacion la logre de manera exitosa, tambein logre de manera exitosa hacerlo mediante sso. EL unico inconveniente que tengo es:</P><P></P><P>Al realizar cambios entre los usuarios (por ejemplo a un usuario asignarle un nuevo grupo) no veo que alfresco tome los cambios, ni siquiera a las 00 hs o reiniciando manualmente alfresco.</P><P></P><P>Les dejo mis archivos de configuracion:</P><P></P><OL><LI><STRONG>&nbsp;/opt/alfresco-community/tomcat/shared/classes/alfresco/extension/subsystems/Synchronization/default/default-synchronization.properties</STRONG></LI></OL><P></P><P>#<BR /># This properties file is used to configure user registry syncronisation (e.g. LDAP)<BR />#</P><P># Should the scheduled sync job use differential or full queries on the user<BR /># registries to determine the set of local users to be updated? When true,<BR /># each user registry is only queried for those users and groups modified since<BR /># the most recent modification date of all the objects last queried from that<BR /># same source. When &lt;code&gt;false&lt;/code&gt; then &lt;i&gt;all&lt;/i&gt; users and groups are<BR /># queried from the user registry and updated locally. Nevertheless, a separate<BR /># query will be run by the scheduled sync job to determine deletions.<BR />synchronization.synchronizeChangesOnly=true</P><P># The cron expression defining when imports should take place<BR />synchronization.import.cron=00,02 * * * * ?</P><P># Should we trigger a differential sync when missing people log in?<BR />synchronization.syncWhenMissingPeopleLogIn=true</P><P># Should we trigger a differential sync on startup?<BR />synchronization.syncOnStartup=true</P><P># Should we auto create a missing person on log in?<BR />synchronization.autoCreatePeopleOnLogin=true</P><P># The number of entries to process before logging progress<BR />synchronization.loggingInterval=100</P><P># The number of threads to use when doing a batch (scheduled or startup) sync<BR />synchronization.workerThreads=1</P><P># Synchronization with deletions<BR />synchronization.allowDeletions=true</P><P># For large LDAP directories the delete query is expensive and time consuming, needing to read the entire LDAP directory.<BR />synchronization.syncDelete=true</P><P># external setting (LDAP systems) - whether users can be enabled; if false then users have to be explicitly disabled in Alfresco<BR />synchronization.externalUserControl=false</P><P># Subsystem that will handle the external user control<BR />synchronization.externalUserControlSubsystemName=</P><P></P><P>2.&nbsp;<STRONG>&nbsp;/opt/alfresco-community/tomcat/shared/classes/alfresco/extension/subsystems/Synchronization/default/default-synchronization-context.xml</STRONG></P><P></P><P>&lt;?xml version='1.0' encoding='UTF-8'?&gt;<BR /><SPAN>&lt;!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' '</SPAN><A class="jive-link-external-small" href="http://www.springframework.org/dtd/spring-beans.dtd" rel="nofollow noopener noreferrer" target="_blank">http://www.springframework.org/dtd/spring-beans.dtd</A><SPAN>'&gt;</SPAN></P><P>&lt;beans&gt;<BR /> &lt;!--<BR /> Job definition to import people and groups from one or more external user registries in the authentication chain<BR /> (e.g. LDAP directory)<BR /> --&gt;</P><P>&lt;bean id="syncTrigger" class="org.alfresco.util.CronTriggerBean"&gt;<BR /> &lt;property name="jobDetail"&gt;<BR /> &lt;bean id="ldapPeopleJobDetail" class="org.springframework.scheduling.quartz.JobDetailBean"&gt;<BR /> &lt;property name="jobClass"&gt;<BR /> &lt;value&gt;org.alfresco.repo.security.sync.UserRegistrySynchronizerJob&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="jobDataAsMap"&gt;<BR /> &lt;map&gt;<BR /> &lt;entry key="userRegistrySynchronizer"&gt;<BR /> &lt;ref bean="userRegistrySynchronizer" /&gt;<BR /> &lt;/entry&gt;<BR /> &lt;entry key="synchronizeChangesOnly"&gt;<BR /> &lt;value&gt;${synchronization.synchronizeChangesOnly}&lt;/value&gt;<BR /> &lt;/entry&gt;<BR /> &lt;/map&gt;<BR /> &lt;/property&gt;<BR /> &lt;/bean&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="cronExpression"&gt;<BR /> &lt;value&gt;${synchronization.import.cron}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="scheduler"&gt;<BR /> &lt;ref bean="schedulerFactory" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="startDelayMinutes"&gt;<BR /> &lt;value&gt;${system.cronJob.startDelayMinutes}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;/bean&gt;</P><P>&lt;bean id="userRegistrySynchronizer" class="org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer" init-method="init" &gt;<BR /> &lt;property name="syncWhenMissingPeopleLogIn"&gt;<BR /> &lt;value&gt;${synchronization.syncWhenMissingPeopleLogIn}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="syncOnStartup"&gt;<BR /> &lt;value&gt;${synchronization.syncOnStartup}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="autoCreatePeopleOnLogin"&gt;<BR /> &lt;value&gt;${synchronization.autoCreatePeopleOnLogin}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="authorityService"&gt;<BR /> &lt;ref bean="authorityService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="personService"&gt;<BR /> &lt;ref bean="personService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="attributeService"&gt;<BR /> &lt;ref bean="attributeService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="applicationContextManager"&gt;<BR /> &lt;ref bean="Authentication" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="transactionService"&gt;<BR /> &lt;ref bean="transactionService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="jobLockService"&gt;<BR /> &lt;ref bean="jobLockService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="sysAdminParams"&gt;<BR /> &lt;ref bean="sysAdminParams" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="sourceBeanName"&gt;<BR /> &lt;value&gt;userRegistry&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="loggingInterval"&gt;<BR /> &lt;value&gt;${synchronization.loggingInterval}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="workerThreads"&gt;<BR /> &lt;value&gt;${synchronization.workerThreads}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="allowDeletions"&gt;<BR /> &lt;value&gt;${synchronization.allowDeletions}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="syncDelete"&gt;<BR /> &lt;value&gt;${synchronization.syncDelete}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="nameChecker" ref="nameChecker" /&gt;<BR /> &lt;property name="externalUserControl"&gt;<BR /> &lt;value&gt;${synchronization.externalUserControl}&lt;/value&gt;<BR /> &lt;/property&gt;</P><P>&lt;property name="externalUserControlSubsystemName"&gt;<BR /> &lt;value&gt;${synchronization.externalUserControlSubsystemName}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;/bean&gt;</P><P>&lt;/beans&gt;</P><P></P><P>3.&nbsp;<STRONG>/opt/alfresco-community/tomcat/shared/classes/alfresco-global.properties</STRONG></P><P></P><P>### configured to use the external authentication SSO<BR />authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm<BR />external.authentication.proxyUserName=<BR />external.authentication.enabled=true<BR />external.authentication.defaultAdministratorUserNames=nalvarez<BR />external.authentication.proxyHeader=X-Alfresco-Remote-User</P><P><BR />### Cache de transacciones ###</P><P>cache.myCache.maxItems=20000<BR />cache.myCache.timeToLiveSeconds=0</P></BODY></HTML> Tue, 03 Jul 2018 11:17:58 GMT nalvarez_colesc 2018-07-03T11:17:58Z https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113485#M79902 Muy buenos dias a todos !!!! Disculpen la molestia, pero necesito de vuestra ayuda.&nbsp;Cuento con una instalacion de alfresco estoy usando la version "Alfresco Community v5.2.0", la autenticacion de usuarios la configure mediante LDAP. La misma funciona correctamente, ahora, no tengo claro como seria l Mon, 02 Jul 2018 12:33:26 GMT https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113485#M79902 nalvarez_colesc 2018-07-02T12:33:26Z https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113486#M79903 <HTML><HEAD></HEAD><BODY><P>Hola Nelson,</P><P>puedes ver un ejemplo de autenticación y sincronización en&nbsp;<A href="http://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html" title="http://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html" rel="nofollow noopener noreferrer">Example: authentication and synchronization with one ldap-ad subsystem | Alfresco Documentation</A>&nbsp;</P><P>Así mismo, te indico la lista de referencia de "propiedades configurables" :&nbsp;<A href="http://docs.alfresco.com/community/concepts/auth-ldap-props.html" title="http://docs.alfresco.com/community/concepts/auth-ldap-props.html" rel="nofollow noopener noreferrer">LDAP configuration properties | Alfresco Documentation</A>&nbsp;</P><P></P><P>Saludos!</P><P></P><P><SPAN style="color: #666666; background-color: #ffffff; font-size: 13px;">--</SPAN></P><P></P><P><A data-saferedirecturl="https://www.google.com/url?q=http://venzia.es/&amp;source=gmail&amp;ust=1530699333500000&amp;usg=AFQjCNH93bmOpeJqG7wHROlmNRYtbSSPag" href="http://venzia.es/" style="color: #1155cc; background-color: #ffffff; font-size: 13px;" target="_blank" rel="nofollow noopener noreferrer">http://venzia.es</A><BR style="color: #666666; background-color: #ffffff; font-size: 13px;" /><SPAN style="color: #666666; background-color: #ffffff; font-size: 13px;">The beauty of make IT simple</SPAN><BR style="color: #666666; background-color: #ffffff; font-size: 13px;" /><SPAN style="color: #666666; background-color: #ffffff; font-size: 13px;"><A data-saferedirecturl="https://www.google.com/url?q=https://twitter.com/venziait&amp;source=gmail&amp;ust=1530699333500000&amp;usg=AFQjCNGSnLfgwqtB9C__M_cgBdE3PsT_lw" href="https://twitter.com/venziait" style="color: #1155cc;" target="_blank" rel="nofollow noopener noreferrer">@venziait</A></SPAN></P></BODY></HTML> Tue, 03 Jul 2018 10:31:50 GMT https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113486#M79903 venzia 2018-07-03T10:31:50Z https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113487#M79904 <HTML><HEAD></HEAD><BODY><P>Venzia:</P><P>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;Muchas gracias por tu respuesta, te cuento que la autenticacion la logre de manera exitosa, tambein logre de manera exitosa hacerlo mediante sso. EL unico inconveniente que tengo es:</P><P></P><P>Al realizar cambios entre los usuarios (por ejemplo a un usuario asignarle un nuevo grupo) no veo que alfresco tome los cambios, ni siquiera a las 00 hs o reiniciando manualmente alfresco.</P><P></P><P>Les dejo mis archivos de configuracion:</P><P></P><OL><LI><STRONG>&nbsp;/opt/alfresco-community/tomcat/shared/classes/alfresco/extension/subsystems/Synchronization/default/default-synchronization.properties</STRONG></LI></OL><P></P><P>#<BR /># This properties file is used to configure user registry syncronisation (e.g. LDAP)<BR />#</P><P># Should the scheduled sync job use differential or full queries on the user<BR /># registries to determine the set of local users to be updated? When true,<BR /># each user registry is only queried for those users and groups modified since<BR /># the most recent modification date of all the objects last queried from that<BR /># same source. When &lt;code&gt;false&lt;/code&gt; then &lt;i&gt;all&lt;/i&gt; users and groups are<BR /># queried from the user registry and updated locally. Nevertheless, a separate<BR /># query will be run by the scheduled sync job to determine deletions.<BR />synchronization.synchronizeChangesOnly=true</P><P># The cron expression defining when imports should take place<BR />synchronization.import.cron=00,02 * * * * ?</P><P># Should we trigger a differential sync when missing people log in?<BR />synchronization.syncWhenMissingPeopleLogIn=true</P><P># Should we trigger a differential sync on startup?<BR />synchronization.syncOnStartup=true</P><P># Should we auto create a missing person on log in?<BR />synchronization.autoCreatePeopleOnLogin=true</P><P># The number of entries to process before logging progress<BR />synchronization.loggingInterval=100</P><P># The number of threads to use when doing a batch (scheduled or startup) sync<BR />synchronization.workerThreads=1</P><P># Synchronization with deletions<BR />synchronization.allowDeletions=true</P><P># For large LDAP directories the delete query is expensive and time consuming, needing to read the entire LDAP directory.<BR />synchronization.syncDelete=true</P><P># external setting (LDAP systems) - whether users can be enabled; if false then users have to be explicitly disabled in Alfresco<BR />synchronization.externalUserControl=false</P><P># Subsystem that will handle the external user control<BR />synchronization.externalUserControlSubsystemName=</P><P></P><P>2.&nbsp;<STRONG>&nbsp;/opt/alfresco-community/tomcat/shared/classes/alfresco/extension/subsystems/Synchronization/default/default-synchronization-context.xml</STRONG></P><P></P><P>&lt;?xml version='1.0' encoding='UTF-8'?&gt;<BR /><SPAN>&lt;!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' '</SPAN><A class="jive-link-external-small" href="http://www.springframework.org/dtd/spring-beans.dtd" rel="nofollow noopener noreferrer" target="_blank">http://www.springframework.org/dtd/spring-beans.dtd</A><SPAN>'&gt;</SPAN></P><P>&lt;beans&gt;<BR /> &lt;!--<BR /> Job definition to import people and groups from one or more external user registries in the authentication chain<BR /> (e.g. LDAP directory)<BR /> --&gt;</P><P>&lt;bean id="syncTrigger" class="org.alfresco.util.CronTriggerBean"&gt;<BR /> &lt;property name="jobDetail"&gt;<BR /> &lt;bean id="ldapPeopleJobDetail" class="org.springframework.scheduling.quartz.JobDetailBean"&gt;<BR /> &lt;property name="jobClass"&gt;<BR /> &lt;value&gt;org.alfresco.repo.security.sync.UserRegistrySynchronizerJob&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="jobDataAsMap"&gt;<BR /> &lt;map&gt;<BR /> &lt;entry key="userRegistrySynchronizer"&gt;<BR /> &lt;ref bean="userRegistrySynchronizer" /&gt;<BR /> &lt;/entry&gt;<BR /> &lt;entry key="synchronizeChangesOnly"&gt;<BR /> &lt;value&gt;${synchronization.synchronizeChangesOnly}&lt;/value&gt;<BR /> &lt;/entry&gt;<BR /> &lt;/map&gt;<BR /> &lt;/property&gt;<BR /> &lt;/bean&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="cronExpression"&gt;<BR /> &lt;value&gt;${synchronization.import.cron}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="scheduler"&gt;<BR /> &lt;ref bean="schedulerFactory" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="startDelayMinutes"&gt;<BR /> &lt;value&gt;${system.cronJob.startDelayMinutes}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;/bean&gt;</P><P>&lt;bean id="userRegistrySynchronizer" class="org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer" init-method="init" &gt;<BR /> &lt;property name="syncWhenMissingPeopleLogIn"&gt;<BR /> &lt;value&gt;${synchronization.syncWhenMissingPeopleLogIn}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="syncOnStartup"&gt;<BR /> &lt;value&gt;${synchronization.syncOnStartup}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="autoCreatePeopleOnLogin"&gt;<BR /> &lt;value&gt;${synchronization.autoCreatePeopleOnLogin}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="authorityService"&gt;<BR /> &lt;ref bean="authorityService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="personService"&gt;<BR /> &lt;ref bean="personService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="attributeService"&gt;<BR /> &lt;ref bean="attributeService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="applicationContextManager"&gt;<BR /> &lt;ref bean="Authentication" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="transactionService"&gt;<BR /> &lt;ref bean="transactionService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="jobLockService"&gt;<BR /> &lt;ref bean="jobLockService" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="sysAdminParams"&gt;<BR /> &lt;ref bean="sysAdminParams" /&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="sourceBeanName"&gt;<BR /> &lt;value&gt;userRegistry&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="loggingInterval"&gt;<BR /> &lt;value&gt;${synchronization.loggingInterval}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="workerThreads"&gt;<BR /> &lt;value&gt;${synchronization.workerThreads}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="allowDeletions"&gt;<BR /> &lt;value&gt;${synchronization.allowDeletions}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="syncDelete"&gt;<BR /> &lt;value&gt;${synchronization.syncDelete}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;property name="nameChecker" ref="nameChecker" /&gt;<BR /> &lt;property name="externalUserControl"&gt;<BR /> &lt;value&gt;${synchronization.externalUserControl}&lt;/value&gt;<BR /> &lt;/property&gt;</P><P>&lt;property name="externalUserControlSubsystemName"&gt;<BR /> &lt;value&gt;${synchronization.externalUserControlSubsystemName}&lt;/value&gt;<BR /> &lt;/property&gt;<BR /> &lt;/bean&gt;</P><P>&lt;/beans&gt;</P><P></P><P>3.&nbsp;<STRONG>/opt/alfresco-community/tomcat/shared/classes/alfresco-global.properties</STRONG></P><P></P><P>### configured to use the external authentication SSO<BR />authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm<BR />external.authentication.proxyUserName=<BR />external.authentication.enabled=true<BR />external.authentication.defaultAdministratorUserNames=nalvarez<BR />external.authentication.proxyHeader=X-Alfresco-Remote-User</P><P><BR />### Cache de transacciones ###</P><P>cache.myCache.maxItems=20000<BR />cache.myCache.timeToLiveSeconds=0</P></BODY></HTML> Tue, 03 Jul 2018 11:17:58 GMT https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113487#M79904 nalvarez_colesc 2018-07-03T11:17:58Z https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113488#M79905 <HTML><HEAD></HEAD><BODY><P>Hola de nuevo Nelson,</P><P>por lo que indica la propiedad chain de tu alfresco-global.properties dudo que tengas configurado si quiera la autenticación por LDAP.&nbsp;Debería ser algo así :</P><PRE class="" style="color: #333333; background-color: #f5f5f5; border: 1px solid #888888; margin: 0px 0px 20px; padding: 2px;"><SPAN class="" style="color: #000000;">authentication</SPAN><SPAN class="" style="color: #666600;">.</SPAN><SPAN class="" style="color: #000000;">chain</SPAN><SPAN class="" style="color: #666600;">=</SPAN><SPAN class="" style="color: #000000;">alfinst</SPAN><SPAN class="" style="color: #666600;">:</SPAN><SPAN class="" style="color: #000000;">alfrescoNtlm</SPAN><SPAN class="" style="color: #666600;">,</SPAN><SPAN style="color: #993300;"><STRONG><SPAN class="">ldap1</SPAN><SPAN class="">:</SPAN><SPAN class="">ldap</SPAN><SPAN class="">-</SPAN><SPAN class="">ad</SPAN></STRONG></SPAN></PRE><P>Es posible que este aceptando cualquier login?</P><P></P><P>Saludos!</P><P></P><P style="color: #727174; background-color: #ffffff; border: 0px;"><SPAN style="color: #666666; background-color: #ffffff; border: 0px; font-weight: inherit; font-size: 13px;">--</SPAN></P><P style="color: #727174; background-color: #ffffff; border: 0px;">&nbsp;</P><P style="color: #727174; background-color: #ffffff; border: 0px;"><A class="" href="http://venzia.es/" rel="nofollow noopener noreferrer" style="color: #1155cc; background-color: #ffffff; border: 0px; font-weight: inherit; text-decoration: none; font-size: 13px; padding: 0px calc(12px + 0.35ex) 0px 0px;" target="_blank">http://venzia.es</A><BR style="color: #666666; background-color: #ffffff; font-size: 13px;" /><SPAN style="color: #666666; background-color: #ffffff; border: 0px; font-weight: inherit; font-size: 13px;">The beauty of make IT simple</SPAN><BR style="color: #666666; background-color: #ffffff; font-size: 13px;" /><SPAN style="color: #666666; background-color: #ffffff; border: 0px; font-weight: inherit; font-size: 13px;"><A class="" href="https://twitter.com/venziait" rel="nofollow noopener noreferrer" style="color: #1155cc; border: 0px; font-weight: inherit; text-decoration: none; font-size: 13px; padding: 0px calc(12px + 0.35ex) 0px 0px;" target="_blank">@venziait</A></SPAN></P></BODY></HTML> Tue, 03 Jul 2018 11:37:58 GMT https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113488#M79905 venzia 2018-07-03T11:37:58Z https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113489#M79906 <HTML><HEAD></HEAD><BODY><P>Venzia:</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Una vez mas muchas gracias por tu pronta respuesta, te cuento que el login por ldap funciona,:&nbsp;</P><P></P><P><SPAN style="color: #727174; background-color: #ffffff;">authentication.chain=external1:external,alfrescoNtlm1:alfrescoNtlm</SPAN></P><P></P><P><SPAN style="color: #727174; background-color: #ffffff;">En esta linea el external hace referencia al external que es nuestro CAS, y la linea:&nbsp;</SPAN></P><P></P><P><SPAN style="color: #727174; background-color: #ffffff;"><SPAN>external.authentication.proxyHeader=X-Alfresco-Remote-User</SPAN></SPAN></P><P><SPAN style="color: #727174; background-color: #ffffff;"></SPAN></P><P><SPAN style="color: #727174; background-color: #ffffff;"><SPAN>Es para que tome el usuario desde la cookie del CAS, que es de ldap, es mas, si yo realizo una busqueda en alfresco veo todos los usuarios del ldap, y si creo un usuario en ldap, que no figura en alfresco, en el primer login me lo actualiza ok. El problema lo tengo con las modificaciones especificas de usuario, como te decia por ej: a un usuario lo agrego en un grupo, o lo quito de un grupo, esto nunca impacta.</SPAN></SPAN></P><P><SPAN style="color: #727174; background-color: #ffffff;"></SPAN></P><P><SPAN style="color: #727174; background-color: #ffffff;"><SPAN>Por otro lado, ahora noto que no me importo todo el ldap, solo 500 registros. Tambien me surge la duda, si es posible importar desde ldap solo un grupo en especifico o dos ? Digamos por ej:</SPAN></SPAN></P><P><SPAN style="color: #727174; background-color: #ffffff;"></SPAN></P><P><SPAN style="color: #727174; background-color: #ffffff;"><SPAN>Solo quiero importar el grupo "empleados" y el grupo "informatica"</SPAN></SPAN></P></BODY></HTML> Tue, 03 Jul 2018 12:08:30 GMT https://connect.hyland.com/t5/alfresco-archive/sincronizan-usuarios-ldap/m-p/113489#M79906 nalvarez_colesc 2018-07-03T12:08:30Z