Unable to create users or Groups in Nuxeo when connected to Active Directory

Kishore_Yendamu — Tue, 10 Jun 2014 20:32:29 GMT
I'm unable to create any new users or Groups from Nuxeo Admin Center once it's integrated with Active Directory. Here is the configuration I have: Please advise if I need to change any configurations below:
<component name="org.nuxeo.ecm.directory.ldap.storage.users">
  <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>
  <require>org.nuxeo.ecm.directory.sql.storage</require>
  <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" point="servers">
    <server name="default">
      <ldapUrl>ldap://<IP>:389</ldapUrl>
      <bindDn>cn=gituser,ou=CMS,ou=Applications,dc=dmlabs,dc=xyz,dc=com</bindDn>
      <bindPassword>blahblah</bindPassword>
    </server>
  </extension>

  <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" point="directories">
    <directory name="userDirectory">
      <server>default</server>
      <schema>user</schema>
      <idField>username</idField>
      <passwordField>password</passwordField>
      <searchBaseDn>OU=CMS,OU=Applications,DC=dmlabs,DC=xyz,DC=com</searchBaseDn>
      <searchClass>person</searchClass>
      <searchScope>onelevel</searchScope>
      <substringMatchType>subany</substringMatchType>
      <readOnly>false</readOnly>
      <cacheTimeout>3600</cacheTimeout>
      <cacheMaxSize>1000</cacheMaxSize>
      <missingIdFieldCase>lower</missingIdFieldCase>
      <querySizeLimit>200</querySizeLimit>
      <queryTimeLimit>0</queryTimeLimit>
      <creationBaseDn>OU=CMS,OU=Applications,DC=dmlabs,DC=xyz,DC=com</creationBaseDn>
      <creationClass>top</creationClass>
      <creationClass>person</creationClass>
      <creationClass>organizationalPerson</creationClass>
      <creationClass>inetOrgPerson</creationClass>
      <rdnAttribute>sAMAccountName</rdnAttribute>
      <fieldMapping name="username">sAMAccountName</fieldMapping>
      <fieldMapping name="password">userPassword</fieldMapping>
      <fieldMapping name="firstName">givenName</fieldMapping>
      <fieldMapping name="lastName">sn</fieldMapping>
      <fieldMapping name="company">o</fieldMapping>
      <fieldMapping name="email">mail</fieldMapping>
      <references>
        <inverseReference field="groups" directory="groupDirectory" dualReferenceField="members" />
      </references>
    </directory>
    <directory name="groupDirectory">
        <server>default</server>
        <schema>group</schema>
        <idField>groupname</idField>
        <searchBaseDn>OU=CMS,OU=Applications,DC=dmlabs,DC=xyz,DC=com</searchBaseDn>
        <searchFilter>((objectClass=group))</searchFilter>
        <searchScope>subtree</searchScope>
        <!--entryAdaptor class="org.nuxeo.ecm.directory.impl.WritePolicyEntryAdaptor"-->
    <readOnly>false</readOnly>
        <cacheTimeout>3600</cacheTimeout>
        <cacheMaxSize>2000</cacheMaxSize>
        <creationBaseDn>OU=CMS,OU=Applications,DC=dmlabs,DC=xyz,DC=com</creationBaseDn>
        <creationClass>top</creationClass>
        <creationClass>groupOfUniqueNames</creationClass>
        <rdnAttribute>sAMAccountName</rdnAttribute>
        <querySizeLimit>500</querySizeLimit>
        <queryTimeLimit>0</queryTimeLimit>
        <fieldMapping name="groupname">sAMAccountName</fieldMapping>
        <references>
            <ldapReference directory="userDirectory" dynamicAttributeId="memberURL" field="members" forceDnConsistencyCheck="false" staticAttributeId="uniqueMember" staticAttributeIdIsDn="true"/>
            <ldapReference directory="groupDirectory" dynamicAttributeId="memberURL" field="subGroups" forceDnConsistencyCheck="false" staticAttributeId="uniqueMember"/>
            <inverseReference directory="groupDirectory" dualReferenceField="subGroups" field="parentGroups"/>
            <ldapTreeReference directory="groupDirectory" field="children" scope="onelevel"/>
            <inverseReference directory="groupDirectory" dualReferenceField="children" field="parents"/>
        </references>
    </directory>
  </extension>
  <extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager">
    <userManager>
      <defaultAdministratorId>cmsadmin</defaultAdministratorId>
      <defaultGroup>CMSMembers</defaultGroup>
      <administratorsGroup>CMSAdministrators</administratorsGroup>
      <disableDefaultAdministratorsGroup>true</disableDefaultAdministratorsGroup>
       <groups>
            <directory>groupDirectory</directory>
            <membersField>members</membersField>
            <groupLabelField>grouplabel</groupLabelField>
            <subGroupsField>subgroups</subGroupsField>
            <parentGroupsField>parentgroup</parentGroupsField>
            <listingMode>search_only</listingMode>
            <searchFields append="true">
                <substringMatchSearchField>grouplabel</substringMatchSearchField>
                <exactMatchSearchField>groupname</exactMatchSearchField>
            </searchFields>
        </groups>
        <!--defaultGroup>members</defaultGroup-->
        <groupSortField>groupname</groupSortField>
    </userManager>
  </extension>

</component>
topic Unable to create users or Groups in Nuxeo when connected to Active Directory in Nuxeo Forum

Unable to create users or Groups in Nuxeo when connected to Active Directory
