https://connect.hyland.com/t5/alfresco-forum/ldap-ad-subsystem-sync-error/m-p/109244#M30627 <HTML><HEAD></HEAD><BODY><P>Hi, I have configured authentication and synchronization with ldap-ad subsystem and got errors in alfresco.log. Can anybody help please? Thanks!&nbsp; (I have used the doc in&nbsp;<A href="http://docs.alfresco.com/6.0/concepts/auth-ldap-props.html" rel="nofollow noopener noreferrer">http://docs.alfresco.com/6.0/concepts/auth-ldap-props.html</A>)</P><P></P><PRE style="font-weight: normal; font-size: 14.04px; padding: 0px 0px 0.5em;">Community&nbsp;-&nbsp;6.1.2 (r4fe1d0d0-b205)<BR />Repository Information<BR /><SPAN class="">Edition:</SPAN><SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">Community</SPAN><BR /><SPAN class="">Version Number:</SPAN><SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">6.1.2 (r4fe1d0d0-b205)</SPAN><BR /><SPAN class="">Version Label:</SPAN><SPAN class="" style="color: #555555; font-size: 12.09px; padding-top: 2px;">Alfresco Content Services version and build number.</SPAN><BR /><SPAN class="">Schema:</SPAN><SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">13&nbsp;001</SPAN><SPAN class="" style="color: #555555; font-size: 12.09px; padding-top: 2px;">Alfresco Content Services database schema number.</SPAN><BR /><SPAN class="">Repository Identifier:</SPAN><SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">bd79a43e-b957-4c59-856e-81d68192eb44</SPAN><SPAN class="" style="color: #555555; font-size: 12.09px; padding-top: 2px;">Unique identifier for this repository instance.<BR /></SPAN>System Information<BR />Java Home:<SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">C:\Program Files\Java\jdk-12.0.1<BR /></SPAN>Java Version:<SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">12.0.1<BR /></SPAN>Java VM Vendor:<SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">Oracle Corporation<BR /></SPAN>Operating System:<SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">Windows Server 2016<BR />Version:<SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">10.0<BR /></SPAN></SPAN>Architecture:<SPAN>&nbsp;</SPAN><SPAN class="" style="padding-left: 4px; padding-top: 2px;">amd64</SPAN></PRE><DIV class="" style="color: #000000;"><PRE style="padding: 0px 0px 12px;"><BR />My alfresco.log shows:</PRE></DIV><PRE><BR />2019-05-31 13:58:35,336 INFO [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]<BR />2019-05-31 13:58:35,451 INFO [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1] complete<BR />2019-05-31 13:58:35,451 INFO [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, ldap1]<BR />2019-05-31 13:58:35,726 WARN [org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl] [localhost-startStop-1] LDAP server supports anonymous bind ldaps://srv-dc03.emel.sk:636<BR />2019-05-31 13:58:36,014 INFO [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap1] complete</PRE><PRE></PRE><P></P><P>Couple o lines later comes this:</P><PRE><BR />2019-05-31 13:58:47,877 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronizing users and groups with user registry 'ldap1'<BR />2019-05-31 13:58:47,917 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Retrieving all groups from user registry 'ldap1'<BR />2019-05-31 13:58:47,991 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization aborted due to error<BR />org.alfresco.error.AlfrescoRuntimeException: 04310018 Error during LDAP Search. Reason:[LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:<BR /> 'DC=emel,DC=sk'<BR /> ]<BR /> at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1335)<BR /> at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:713)<BR /> at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:993)<BR /> at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:739)<BR /> at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.access$16(ChainingUserRegistrySynchronizer.java:474)<BR /> at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:2138)<BR /> at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:623)</PRE><P>more from log in attachement.</P><P></P><P>My alfresco-global.properties for ldap-ad are:</P><PRE>authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad<BR /><BR />ldap.authentication.active=true<BR />ldap.authentication.java.naming.security.authentication=simple<BR />ldap.authentication.userNameFormat=%s<BR />ldap.authentication.allowGuestLogin=false<BR />ldap.authentication.java.naming.provider.url=ldaps://xxx.emel.sk:636<BR />ldap.synchronization.java.naming.security.principal=yyy@emel.sk<BR />ldap.synchronization.java.naming.security.credentials=zzz<BR />ldap.authentication.escapeCommasInBind=false<BR />ldap.authentication.escapeCommasInUid=false<BR />ldap.synchronization.queryBatchSize=1000<BR />ldap.synchronization.groupSearchBase=cn\=users,ou=EMEL,dc=emel,dc=sk<BR />ldap.synchronization.userSearchBase=cn\=users,ou=EMEL Users,ou=Customizacia,dc=emel,dc=sk<BR />ldap.synchronization.userFirstNameAttributeName=givenName<BR />ldap.synchronization.userLastNameAttributeName=sn<BR />ldap.synchronization.userEmailAttributeName=mail<BR />ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider<BR />ldap.synchronization.groupIdAttributeName=cn<BR />ldap.synchronization.groupType=Nogroup<BR />ldap.synchronization.personType=user<BR />ldap.synchronization.groupMemberAttributeName=member<BR />synchronization.synchronizeChangesOnly=true<BR />cifs.enabled=false</PRE><P></P><PRE></PRE></BODY></HTML> Fri, 31 May 2019 12:17:35 GMT janovjak 2019-05-31T12:17:35Z https://connect.hyland.com/t5/alfresco-forum/ldap-ad-subsystem-sync-error/m-p/109244#M30627 Hi, I have configured authentication and synchronization with ldap-ad subsystem and got errors in alfresco.log. Can anybody help please? Thanks!&nbsp; (I have used the doc in&nbsp;http://docs.alfresco.com/6.0/concepts/auth-ldap-props.html)Community&nbsp;-&nbsp;6.1.2 (r4fe1d0d0-b205)Repository InformationEdition:&nbsp;Commun Fri, 31 May 2019 12:17:35 GMT https://connect.hyland.com/t5/alfresco-forum/ldap-ad-subsystem-sync-error/m-p/109244#M30627 janovjak 2019-05-31T12:17:35Z https://connect.hyland.com/t5/alfresco-forum/ldap-ad-subsystem-sync-error/m-p/109245#M30628 <HTML><HEAD></HEAD><BODY><P>I think I found a solution which worked for me <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span> after two weeks...</P><P>The problems are the "non existing" space in CN entry after comma.</P><P>For me its working with this entries</P><PRE>ldap.synchronization.groupSearchBase=OU=EMEL Users, DC=emel, DC=sk<BR />ldap.synchronization.userSearchBase=OU=Customizacia, OU=EMEL Users, DC=emel, DC=sk<BR /><BR />Cheers!</PRE></BODY></HTML> Fri, 31 May 2019 14:31:01 GMT https://connect.hyland.com/t5/alfresco-forum/ldap-ad-subsystem-sync-error/m-p/109245#M30628 janovjak 2019-05-31T14:31:01Z