Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Active Directory AD configuration

gros_manu
Champ in-the-making
Champ in-the-making

‎05-30-2011 05:06 AM

Bonjour,

Je voudrai s activer l’active Directory dans alfresco, mais je n’y parviens pas. J’ai essayé en suivant les indications de ce lien http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems#AlfrescoNtlm mais a la suite de la conf, il n’y a aucun changement mis a part que l’interface share ne fonctionne plus sans générer d’erreur dans les logs.
Quel fichier avez-vous modifié pour activer l’import des users de l’AD ?

Merci
Labels:
0 Kudos
11 REPLIES 11

jeanjot
Confirmed Champ
Confirmed Champ

‎05-30-2011 05:35 AM

Bonjour

Avec quelques informations complémentaires, comme :
Version alfresco,
Sgbd
OS

et aussi les fichiers de configuration que vous avez modifiés pourrait nous permettre de vous répondre sans boule de cristal comme dirait Romain …
0 Kudos

gros_manu
Champ in-the-making
Champ in-the-making

‎05-30-2011 08:06 AM

désolé,

Alfresco 3.4d
mysql
le tout sur centOS 5.6

Pour le momet je viens de refaire une install donc je n ai pas encore modifé de fichier.
0 Kudos

jeanjot
Confirmed Champ
Confirmed Champ

‎05-30-2011 08:15 AM

Ok

si cela ne marche pas n'hésitez pas à envoyer votre fichier de configuration.
Avec des informations sur votre AD en terme d'architecture.
0 Kudos

gros_manu
Champ in-the-making
Champ in-the-making

‎05-30-2011 08:34 AM

juste une qestion:

L'AD fonctionne avec share et le CIFS ? Si oui cela ne nécessite qu'une seul configuration ?

Il faut modifier le fichier share-config-custom.xml.sample, mais y a t il des modification a apporter dans les fichiers du dossier
/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication ?
0 Kudos

jeanjot
Confirmed Champ
Confirmed Champ

‎05-30-2011 09:08 AM

Bonjour

Pour la déclaration de votre AD vous pouvez le faire directement dans :
alfresco-global.properties

Toutes les informations à remplir ce trouve sur cette page :
http://www.alfresco.com/help/34/community/all/concepts/auth-ldap-props.html

N'oubliez pas le chainage d'authentification sur cette page :
http://www.alfresco.com/help/34/community/all/tasks/auth-subsystem-chain-config.html

Et pour finir la totale pour ce qui concerne l'authentification et notamment les accès CIFS avec les différentes possibilités d'authentification :
http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems#What_are_the_Authentication_Subsyst...
0 Kudos

gros_manu
Champ in-the-making
Champ in-the-making

‎05-30-2011 10:57 AM

Merci je vais essayer avec cela .
0 Kudos

gros_manu
Champ in-the-making
Champ in-the-making

‎06-07-2011 11:40 AM

Bonjour,

Ce n'est pas encore ca, mais ca avance !

Je bloque :
    17:24:37,945 UserSmiley Frustratedystem INFO  [security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'
    17:24:37,950 UserSmiley Frustratedystem INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'
    17:24:38,004 UserSmiley Frustratedystem INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Commencing batch of 0 entries
    17:24:38,005 UserSmiley Frustratedystem INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Completed batch of 0 entries
    17:24:38,008 UserSmiley Frustratedystem INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving all users from user registry 'ldap1'
    17:24:38,152 UserSmiley Frustratedystem INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Commencing batch of 117 entries
    17:24:38,170 UserSmiley Frustratedystem WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {mail=mail: user1@integra.
    fr, modifytimestamp=modifyTimeStamp: 20110318165427.0Z, givenname=givenName: user1, sn=sn: name1}
    17:24:38,171 UserSmiley Frustratedystem WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {modifytimestamp=modifyTim
    eStamp: 20110221170727.0Z, givenname=givenName: user2}
    17:24:38,171 UserSmiley Frustratedystem WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {modifytimestamp=modifyTim
    eStamp: 20110221170750.0Z, givenname=givenName: user3}
    17:24:38,171 UserSmiley Frustratedystem WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {mail=mail: gfffff@fffff.fr, modifytimestamp=modifyTimeStamp: 20110518133807.0Z, givenname=givenName: Gffff, sn=sn: fffff}
    17:24:38,171 UserSmiley Frustratedystem WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {mail=mail: bffff@ffff.fr, modifytimestamp=modifyTimeStamp: 20110606095222.0Z, givenname=givenName: BfFFF, sn=sn: FFFF}
Au final pour le moment je n'est plus acces aux interfaces web avec le login admin. Pour avoir l'acces, il faut que je remette la conf de base

Avez vous une idée ?
Merci
0 Kudos

jeanjot
Confirmed Champ
Confirmed Champ

‎06-07-2011 05:50 PM

bonsoir

ce serait bien de nous mettre votre configuration avec le contenu du alfresco-global.properties…
0 Kudos

gros_manu
Champ in-the-making
Champ in-the-making

‎06-17-2011 09:55 AM

Bonjour,

Finalement j'ai bien acces aux differantes interfaces avec le compte admin.

Pour le fichier alfresco-global.properties,
j ai :

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
ldap.authentication.active=true

le reste de la configuration est dans le fichier  : ldap-authentication.properties

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://mon serveur:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn\=user,ou\=service,ou\=utilisateurs,ou\=toto,dc\=toto,dc\=toto,dc\=fr
ldap.synchronization.java.naming.security.credentials=toto
ldap.synchronization.queryBatchSize=0
ldap.synchronization.attributeBatchSize=0
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=user)
ldap.synchronization.personDifferentialQuery=(&(objectcategory\=user)(objectclass\=user)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou\=toto,dc\=toto,dc\=toto,dc\=fr
ldap.synchronization.userSearchBase=ou\=toto,dc\=toto,dc\=toto,dc\=fr
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=description
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

Avec ces parametres catalina.out ma donne :

15:02:02,147 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'
15:02:02,152 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'
15:02:02,188 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Commencing batch of 0 entries
15:02:02,190 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Completed batch of 0 entries
15:02:02,192 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving all users from user registry 'ldap1'
15:02:02,223 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Commencing batch of 123 entries
15:02:02,236 User:System WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {mail=mail: user1@toto.
fr, modifytimestamp=modifyTimeStamp: 20110318165427.0Z, givenname=givenName: user1, sn=sn: name1}
15:02:02,237 User:System WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {modifytimestamp=modifyTim
eStamp: 20110221170727.0Z, givenname=givenName: user2}
15:02:02,237 User:System WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {modifytimestamp=modifyTim
eStamp: 20110221170750.0Z, givenname=givenName: user3}
15:02:02,237 User:System WARN  [sync.ldap.LDAPUserRegistry] User returned by user search does not have mandatory user id attribute {mail=mail: toto@toto
.fr, modifytimestamp=modifyTimeStamp: 20110617125247.0Z, givenname=givenName: toto, sn=sn: toto}

Puis :

15:02:02,269 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Completed batch of 123 entries
15:02:02,271 User:System ERROR [security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 05170000 Failed to parse timestamp.
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.mapToNode(LDAPUserRegistry.java:981)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.access$800(LDAPUserRegistry.java:77)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$PersonCollection$PersonIterator.fetchNext(LDAPUserRegistry.java:1466)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$PersonCollection$PersonIterator.<init>(LDAPUserRegistry.java:1362)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$PersonCollection.iterator(LDAPUserRegistry.java:1313)
        at org.alfresco.repo.batch.BatchProcessor$WorkProviderIterator.hasNext(BatchProcessor.java:589)
        at org.alfresco.repo.batch.BatchProcessor.process(BatchProcessor.java:378)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1275)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:434)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$6.doWork(ChainingUserRegistrySynchronizer.java:1529)
        at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1523)
        at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
        at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
        at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
        at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
        at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:78)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
        at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3972)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4467)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
        at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:637)
        at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:563)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
        at org.apache.catalina.core.StandardService.start(StandardService.java:519)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: java.text.ParseException: Unparseable date: "20110617104849.0Z"
        at java.text.DateFormat.parse(DateFormat.java:337)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.mapToNode(LDAPUserRegistry.java:977)
        … 52 more
15:02:02,286 User:System WARN  [security.sync.ChainingUserRegistrySynchronizer] Failed initial synchronize with user registries
org.alfresco.error.AlfrescoRuntimeException: 05170000 Failed to parse timestamp.
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.mapToNode(LDAPUserRegistry.java:981)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.access$800(LDAPUserRegistry.java:77)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$PersonCollection$PersonIterator.fetchNext(LDAPUserRegistry.java:1466)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$PersonCollection$PersonIterator.<init>(LDAPUserRegistry.java:1362)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$PersonCollection.iterator(LDAPUserRegistry.java:1313)
        at org.alfresco.repo.batch.BatchProcessor$WorkProviderIterator.hasNext(BatchProcessor.java:589)
        at org.alfresco.repo.batch.BatchProcessor.process(BatchProcessor.java:378)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1275)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:434)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$6.doWork(ChainingUserRegistrySynchronizer.java:1529)
        at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1523)
        at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
        at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
        at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
        at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
        at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:78)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
        at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3972)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4467)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
        at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:637)
        at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:563)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
        at org.apache.catalina.core.StandardService.start(StandardService.java:519)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: java.text.ParseException: Unparseable date: "20110617104849.0Z"
        at java.text.DateFormat.parse(DateFormat.java:337)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.mapToNode(LDAPUserRegistry.java:977)
        … 52 more
15:02:02,295  INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete

Je suis un peu perdu …
Si vous avez une idée ce serait top!

Merci
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC