https://connect.hyland.com/t5/alfresco-forum/specific-groups-login/m-p/489458#M40099 <P>Hi, can you share a screenshot about the group path you want to sync and allow assigned users to log in?</P><P>KR,</P> Wed, 30 Apr 2025 16:21:07 GMT venzia 2025-04-30T16:21:07Z https://connect.hyland.com/t5/alfresco-forum/specific-groups-login/m-p/489180#M40080 <P>&nbsp;</P><P>I want to be able login only few groups from AD.</P><P>I created two configuration files. In the first config. was loaded all users and groups and disabled authetification.</P><P>In the second config. is enabled authetification so people mapped in groups in personQuery are able to login.</P><P>Problem is that login can everyone. Also I have this error:</P><P>org.alfresco.error.AlfrescoRuntimeException: 10240018 Error during LDAP Search. Reason:[LDAP: error code 32 - 0000208D: NameErr: DSID-03100241, problem 2001 (NO_OBJECT), data 0, best match of:</P><P>'DC=sp,DC=local'</P><P>]</P><P>I think i have a bad logic with this. Can someone please provide me some correct info? To allow login only for specific group, not for everyone.</P><P>First Config</P><P>&nbsp;</P><LI-CODE lang="markup">ntlm.authentication.sso.enabled=false synchronization.synchronizeChangesOnly=false synchronization.syncOnStartup=true ldap.synchronization.active=true ldap.authentication.active=false #KREDENC ldap.synchronization.java.naming.security.principal=login ldap.synchronization.java.naming.security.credentials=password ldap.authentication.userNameFormat=%s@domain ldap.authentication.java.naming.provider.url=ldap://ip:port ldap.synchronization.userEmailAttributeName=mail ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco ldap.synchronization.groupSearchBase=ou\=DMS,ou\=Security Groups,ou\=mp,dc\=sp,dc\=local ldap.synchronization.userSearchBase=cn\=Users,cn\=cp,dc\=kl,dc\=local ldap.synchronization.groupQuery=objectclass\=group ldap.synchronization.personQuery=objectclass\=user</LI-CODE><P><SPAN>Second Config</SPAN></P><LI-CODE lang="markup">ldap.authentication.active=true ldap.synchronization.active=false ldap.synchronization.java.naming.security.principal=login ldap.synchronization.java.naming.security.credentials=password ldap.authentication.userNameFormat=%s@domain ldap.authentication.java.naming.provider.url=ldap://ip:port ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco ldap.synchronization.groupSearchBase=ou\=DMS,ou\=Security Groups,ou\=mp,dc\=sp,dc\=local ldap.synchronization.userSearchBase=cn\=Users,cn\=cp,dc\=kl,dc\=local ldap.synchronization.userIdAttributeName=sAMAccountName ldap.synchronization.userType=user ldap.synchronization.personQuery=(&amp;(objectclass\=user)(memberOf=cn\=GROUP1,ou\=DMS_1,ou\=DMS,ou\=Security Groups,ou\=mp,dc\=sp,dc\=local)(memberOf=cn\=GROUP2,ou\=DMS_1,ou\=DMS,ou\=Security Groups,ou\=mp,dc\=sp,dc\=local)(userAccountControl:1.2.840.113556.1.4.803:=512)) ldap.synchronization.personDifferentialQuery=(&amp;(objectclass\=user)(memberOf=cn\=GROUP1,ou\=DMS_1,ou\=DMS,ou\=Security Groups,ou\=mp,dc\=sp,dc\=local)(memberOf=cn\=GROUP2,ou\=DMS_1,ou\=DMS,ou\=Security Groups,ou\=mp,dc\=sp,dc\=local)(userAccountControl:1.2.840.113556.1.4.803:=512))</LI-CODE> Tue, 22 Apr 2025 08:35:40 GMT https://connect.hyland.com/t5/alfresco-forum/specific-groups-login/m-p/489180#M40080 Autophobia 2025-04-22T08:35:40Z https://connect.hyland.com/t5/alfresco-forum/specific-groups-login/m-p/489458#M40099 <P>Hi, can you share a screenshot about the group path you want to sync and allow assigned users to log in?</P><P>KR,</P> Wed, 30 Apr 2025 16:21:07 GMT https://connect.hyland.com/t5/alfresco-forum/specific-groups-login/m-p/489458#M40099 venzia 2025-04-30T16:21:07Z