https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318163#M5164 <P>Thanks for your reply and your time.</P> Thu, 12 Jun 2014 12:02:48 GMT Yannick_ 2014-06-12T12:02:48Z https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318161#M5162 <P>Hello, I'm using nuxeo 5.9.3 on ubuntu server 12.04 and I configured the active directory authentication in Nuxeo. I can log in with active directory account in Nuxeo without problems. I can found my active directory group in Nuxeo but there's no members in it. How can i fix this issue?</P> <P>Here's my default-ldap-group configuration and my userManagement extension point.</P> <P>Thanks for your time.</P> <PRE><CODE> &lt;extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" point="directories"&gt; &lt;directory name="groupLdapDirectory"&gt; &lt;server&gt;default&lt;/server&gt; &lt;schema&gt;group&lt;/schema&gt; &lt;idField&gt;groupname&lt;/idField&gt; &lt;searchBaseDn&gt;ou=xxx,dc=xxx,dc=xx&lt;/searchBaseDn&gt; &lt;searchFilter&gt; (objectclass=group) &lt;/searchFilter&gt; &lt;searchScope&gt;subtree&lt;/searchScope&gt; &lt;readOnly&gt;false&lt;/readOnly&gt; &lt;cacheTimeout&gt;3600&lt;/cacheTimeout&gt; &lt;cacheMaxSize&gt;1000&lt;/cacheMaxSize&gt; &lt;creationBaseDn&gt;ou=xxxx,dc=xxx,dc=xx&lt;/creationBaseDn&gt; &lt;creationClass&gt;top&lt;/creationClass&gt; &lt;creationClass&gt;group&lt;/creationClass&gt; &lt;querySizeLimit&gt;200&lt;/querySizeLimit&gt; &lt;queryTimeLimit&gt;0&lt;/queryTimeLimit&gt; &lt;rdnAttribute&gt;cn&lt;/rdnAttribute&gt; &lt;fieldMapping name="groupname"&gt;cn&lt;/fieldMapping&gt; &lt;references&gt; &lt;ldapReference field="members" directory="userLdapDirectory" forceDnConsistencyCheck="false" staticAttributeId="uniqueMember" dynamicAttributeId="memberURL" /&gt; &lt;ldapReference field="subGroups" directory="groupLdapDirectory" forceDnConsistencyCheck="false" staticAttributeId="uniqueMember" dynamicAttributeId="memberURL" /&gt; &lt;inverseReference field="parentGroups" directory="groupLdapDirectory" dualReferenceField="subGroups" /&gt; &lt;ldapTreeReference field="directChildren" directory="unitDirectory" scope="onelevel" /&gt; &lt;ldapTreeReference field="children" directory="unitDirectory" scope="subtree" /&gt; &lt;/references&gt; &lt;/directory&gt; &lt;/extension&gt; &lt;extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager"&gt; &lt;userManager&gt; &lt;defaultAdministratorId&gt;Administrateur&lt;/defaultAdministratorId&gt; &lt;defaultGroup&gt;members&lt;/defaultGroup&gt; &lt;disableDefaultAdministratorsGroup&gt;true&lt;/disableDefaultAdministratorsGroup&gt; &lt;/userManager&gt; &lt;/extension&gt; &lt;component name="org.nuxeo.ecm.platform.usermanager.VirtualGroups"&gt; &lt;require&gt;org.nuxeo.ecm.platform.usermanager.UserManagerImpl&lt;/require&gt; &lt;extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager"&gt; &lt;userManager class="org.nuxeo.ecm.platform.usermanager.UserManagerImpl"&gt; &lt;users&gt; &lt;directory&gt;userLdapDirectory&lt;/directory&gt; &lt;/users&gt; &lt;groups&gt; &lt;directory&gt;groupLdapDirectory&lt;/directory&gt; &lt;/groups&gt; &lt;/userManager&gt; &lt;/extension&gt; &lt;/component&gt; </CODE></PRE> Thu, 12 Jun 2014 07:15:49 GMT https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318161#M5162 Yannick_ 2014-06-12T07:15:49Z https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318162#M5163 <P>hello,</P> <P>the resolution of group members is done by the ldapReference tag: you need to check which field is used in a group entry to store the members. In your configuration, you indicate it is "uniqueMember", but for Active Directory, the attribute may be "member".</P> <P>Kind regards,</P> <P>Thierry</P> Thu, 12 Jun 2014 09:03:09 GMT https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318162#M5163 Thierry_Martins 2014-06-12T09:03:09Z https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318163#M5164 <P>Thanks for your reply and your time.</P> Thu, 12 Jun 2014 12:02:48 GMT https://connect.hyland.com/t5/nuxeo-forum/unable-to-grant-access-right-to-active-directory-group/m-p/318163#M5164 Yannick_ 2014-06-12T12:02:48Z