topic Subtree ldap in Alfresco Forum

Subtree ldap

maiconramones — Mon, 27 Mar 2017 19:14:30 GMT

My ldap have subtree like thiscn=users cn=r uid=rodrigo cn=l uid=louisThe question is: how to configure alfresco to use a dynamic cn. The documentation contain a information about the "ldap.authentication.userNameFormat" and said "If set to an empty string (the default fo

Re: Subtree ldap

mehe — Tue, 28 Mar 2017 05:51:34 GMT

Maybe you can use another approach - search for objecttype=person that are memberOf users group...

But we need to have more information about your ldap structure - what kind of object are your "cn"s for example.

Alternative: tag your Alfresco users with a special property or put them in a special group...

Re: Subtree ldap

idwright — Tue, 28 Mar 2017 08:37:56 GMT

I think what you want is to set the value of

ldap.synchronization.userIdAttributeName=uid

with ldap.authentication.userNameFormat not set

You may also need something like

ldap.synchronization.personQuery=(objectclass\=posixAccount)

Re: Subtree ldap

mehe — Tue, 28 Mar 2017 10:49:44 GMT

Hi,

Ian is right. If you use a posix user directory (Linux, zimbra, etc.) your objectclass would be posixAccount

ldap.synchronisation.personQuery=(objectclass=posixAccount)

ldap.synchronisation.groupQuery=(objectclass=posixGroup)

would be the simplest queries, retrieving all groups and users.

If you'd describe your environment, we could narrow it down.

Re: Subtree ldap

maiconramones — Tue, 28 Mar 2017 16:15:12 GMT

Hello, sorry for delay. I solved this problem using:

ldap.authentication.userNameFormat=
ldap.synchronization.userIdAttributeName=uid
lap.synchronization.personQuery=(objectclass=Xyz)

Now all user can login independently of CN

One more time, Thanks!