https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75714#M24033 <HTML><HEAD></HEAD><BODY><DIV class=""><P>Hey guys,</P><P>I stuck in LDAP-AD Integration since I'm new to alfresco. I followed as below.</P><P>Please confirm me the work flow which I've done is whether right or wrong. </P><P>In the first,</P><P>1. Added the authentication-chain in alfresc-global.properties file.</P><P>2. Created a ldap-authentication.properties file and ldap-authentication-context.xml file under the [C:\alfresco-community\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad1] folder.</P><P>This is my current work for LDAP-AD Integration.</P><P style="min-height: 8pt; padding: 0px;">&nbsp;</P><P><STRONG>So, my doubt is, should I add any files other than the above .properties files and .xml file.&nbsp;</STRONG></P><P>If so please let me know, what files I should add and where I'm supposed to add. [i.e. folder path]</P><P></P><P>I'm getting the below errors:</P><P><STRONG> 1. </STRONG>ERROR [org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl] [localhost-startStop-1] Unable to connect to LDAP Server; check LDAP configuration<BR />javax.naming.CommunicationException: domaincontroller.company.com:389 [Root exception is java.net.ConnectException: Connection timed out: connect]</P><P><STRONG>2. </STRONG>ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization aborted due to error<BR />org.alfresco.repo.security.authentication.AuthenticationException: 04030019 Failed to communicate with ldap://domaincontroller.company.com:389. Reason javax.naming.CommunicationException, domaincontroller.company.com:389, java.net.ConnectException, Connection timed out: connect</P><P></P><P></P>Below is the properties which I'm running for LDAP-AD Integration.</DIV><DIV class=""><BR /><P><SPAN style="text-decoration: underline;"><STRONG>The below code written in alfresco-gloabl.properties file:</STRONG></SPAN></P><P>authentication.chain=ldap-ad1:ldap-ad, alfinst:alfrescoNtlm<BR />synchronization.import.cron=0 0 18 * * ?<BR />synchronization.synchronizeChangeOnly=false</P><P></P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>The below code written in ldap-authentication.properties file:</STRONG></SPAN></P><P>ldap.authentication.active=true<BR />ldap.authentication.allowGuestLogin=true<BR /><A class="jive-link-email-small" href="https://migration33.stage.lithium.com/" rel="nofollow noopener noreferrer">ldap.authentication.userNameFormat=%s@xyz.com</A><SPAN> </SPAN><BR />ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory<BR /># IP address or name of your LDAP server - (port 389 is the default for LDAP)<BR />ldap.authentication.java.naming.provider.url=ldap://svr01.xyz.com:389<BR />ldap.authentication.java.naming.security.authentication=simple</P><P></P><P>ldap.authentication.escapeCommasInBind=false<BR />ldap.authentication.escapeCommasInUid=false<BR />ldap.authentication.defaultAdministratorUserNames=admin<BR />ldap.authentication.authenticateFTP=true</P><P></P><P># Enable synchronisation ..<BR />ldap.synchronization.active=true<BR />ldap.synchronization.java.naming.security.authentication=simple<BR />ldap.synchronization.java.naming.security.principal=uid=admin,ou=system<BR />ldap.synchronization.java.naming.security.credentials=secret<BR /># synchronization.syncOnStartup=true</P><P></P><P>ldap.synchronization.queryBatchSize=500<BR />ldap.synchronization.attributeBatchSize=0</P><P></P><P># Group, person Query and Differential Query<BR />ldap.synchronization.groupQuery=(objectclass\=groupOfUniqueNames)<BR />ldap.synchronization.groupDifferentialQuery=(&amp;(objectclass\=groupOfUniqueNames)(!(modifyTimestamp&lt;\={0})))<BR />ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)<BR />ldap.synchronization.personDifferentialQuery=(&amp;(objectclass\=inetOrgPerson)(!(modifyTimestamp&lt;\={0})))<BR /># Search and Timestamp<BR />ldap.synchronization.groupSearchBase=dc\=xyz,dc\=com<BR />ldap.synchronization.userSearchBase=ou\=users,dc\=xyz,dc\=com<BR />ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp<BR />ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'</P><P></P><P># The attribute name on people objects to use as the uid in Alfresco<BR />ldap.synchronization.userIdAttributeName=uid<BR /># The attribute on person objects in LDAP to map to the first name property in Alfresco<BR />ldap.synchronization.userFirstNameAttributeName=givenName<BR /># The attribute on person objects in LDAP to map to the last name property in Alfresco<BR />ldap.synchronization.userLastNameAttributeName=sn<BR /># The attribute on person objects in LDAP to map to the email property in Alfresco<BR />ldap.synchronization.userEmailAttributeName=mail<BR />ldap.synchronization.userOrganizationalIdAttributeName=o<BR />ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider<BR /># The attribute on group objects to map to the authority name property in Alfresco<BR />ldap.synchronization.groupIdAttributeName=cn<BR /># The attribute on group objects to map to the authority display name property in Alfresco<BR />ldap.synchronization.groupDisplayNameAttributeName=cn<BR /># The group type<BR />ldap.synchronization.groupType=groupOfUniqueNames<BR /># The person type<BR />ldap.synchronization.personType=inetOrgPerson<BR /># The attribute on group objects that defines the DN for its members<BR />ldap.synchronization.groupMemberAttributeName=uniqueMember<BR />ldap.synchronization.enableProgressEstimation=true<BR />ldap.authentication.java.naming.read.timeout=0</P><P></P><P>And the xml files are attached.</P><P>[fyi: These two xml files are located in ldap-ad1 folder only.]</P><P>Any help is appreciated.</P><P></P><P></P><P><B>Cesar Capillas</B>‌ You're veteran in LDAP-AD Integration. [ I followed as you suggested me in last post but it didn't work: fyi <A _jive_internal="true" class="link-titled" href="https://community.alfresco.com/message/831826-re-not-able-to-login-during-ldap-ad-integration?commentID=831826&amp;et=watches.email.outcome#comment-831826" title="https://community.alfresco.com/message/831826-re-not-able-to-login-during-ldap-ad-integration?commentID=831826&amp;et=watches.email.outcome#comment-831826" rel="nofollow noopener noreferrer">https://community.alfresco.com/message/831826-re-not-able-to-login-during-ldap-ad-integration?commentID=831826&amp;et=watche…</A>&nbsp; ] Please help me out sir. <img id="smileysad" class="emoticon emoticon-smileysad" src="https://connect.hyland.com/i/smilies/16x16_smiley-sad.png" alt="Smiley Sad" title="Smiley Sad" /> <IMG src="https://connect.hyland.com/legacyfs/online/alfresco/emoticons/cry.png" /> </P><P></P><P></P><P></P><P>Regards,</P><P>Raghu</P></DIV></BODY></HTML> Thu, 03 May 2018 08:36:03 GMT raghunandangowd 2018-05-03T08:36:03Z https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75714#M24033 Hey guys,I stuck in LDAP-AD Integration since I'm new to alfresco. I followed as below.Please confirm me the work flow which I've done is whether right or wrong. In the first,1. Added the authentication-chain in alfresc-global.properties file.2. Created a ldap-authentication.properties file and ldap Thu, 03 May 2018 08:36:03 GMT https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75714#M24033 raghunandangowd 2018-05-03T08:36:03Z https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75715#M24034 <HTML><HEAD></HEAD><BODY><P>Hi</P><P></P><P>Looking at error you shared, connection is not happening and getting timeout.</P><P></P><P>First check point for you should be to verify connection detail you mentioned in&nbsp;ldap-authentication.properties file.</P><P>You may try same host, port, principle and credential with some LDAP client to confirm its working and you are able to connect.&nbsp;</P></BODY></HTML> Thu, 03 May 2018 09:02:40 GMT https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75715#M24034 jayesh_prajapat 2018-05-03T09:02:40Z https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75716#M24035 <HTML><HEAD></HEAD><BODY><P>I hope following links give you some more idea,</P><P><A href="https://migration33.stage.lithium.com/thread/168730">Cannot get LDAP Synch to work with AD</A>&nbsp;<BR /><A href="https://migration33.stage.lithium.com/thread/192174">I need help in integrating AD with alfresco</A>&nbsp;</P><P><A class="link-titled" href="https://docs.alfresco.com/community5.0/concepts/auth-ldap-intro.html" title="https://docs.alfresco.com/community5.0/concepts/auth-ldap-intro.html" rel="nofollow noopener noreferrer">Configuring LDAP | Alfresco Documentation</A>&nbsp;</P></BODY></HTML> Thu, 03 May 2018 09:07:58 GMT https://connect.hyland.com/t5/alfresco-forum/problem-in-ldap-ad-process-and-doubt-in-workflow/m-p/75716#M24035 jayesh_prajapat 2018-05-03T09:07:58Z