
Active Directory authentication: allow just group of users

brgsousa
Champ in-the-making
I have searched the web and this forum for two days and found nothing that worked.
How can I allow only a group (not an organizational unit) to log in and use the Alfresco system?
The main issue is that users are not just in one organizational unit. They are not just in the "Users" OU. I don't know how to include several OUs to synchronize.

Current configuration:
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad

ntlm.authentication.sso.enabled=false

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@intranet.domain.com
ldap.authentication.java.naming.provider.url=ldap://intranet.domain.com:389
ldap.authentication.defaultAdministratorUserNames=administrator

ldap.synchronization.java.naming.security.principal=administrator@intranet.domain.com
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.groupSearchBase=ou=groups,dc=intranet,dc=domain,dc=com
ldap.synchronization.userSearchBase=OU=Users,dc=intranet,dc=domain,dc=com
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf\=CN\=Developers,OU\=Users,DC\=intranet,DC\=domain,DC\=com)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
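
As an added example (not part of the original post and not Alfresco code), this Python model evaluates the posted personQuery and userSearchBase against constructed directory entries, assuming a subtree search under the base. It shows that the memberOf clause does not depend on a user's OU while userSearchBase does, and that the bitwise 512 match also accepts a disabled account; the entry names and the "Engineering" OU are invented for illustration.

```python
# Constructed model of the posted personQuery/userSearchBase; no directory is contacted.
GROUP_DN = "CN=Developers,OU=Users,DC=intranet,DC=domain,DC=com"
SEARCH_BASE = "OU=Users,dc=intranet,dc=domain,dc=com"
DOMAIN_ROOT = "dc=intranet,dc=domain,dc=com"
NORMAL_ACCOUNT = 512   # mask used in the posted filter
ACCOUNTDISABLE = 2     # userAccountControl bit set on disabled accounts

def norm(dn):
    """Normalise a DN for case-insensitive comparison (simplified: no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def in_subtree(dn, base):
    """True when dn equals base or sits below it (subtree scope)."""
    d, b = norm(dn), norm(base)
    return d == b or d.endswith("," + b)

def bit_and(value, mask):
    """Matching rule 1.2.840.113556.1.4.803: every bit of mask is set in value."""
    return value & mask == mask

def person_query(entry):
    """(&(objectclass=user)(memberOf=GROUP_DN)(userAccountControl:...803:=512))"""
    return ("user" in entry["objectClass"]
            and any(norm(g) == norm(GROUP_DN) for g in entry["memberOf"])
            and bit_and(entry["userAccountControl"], NORMAL_ACCOUNT))

def synced(entries, base):
    """sAMAccountNames selected by a subtree search under base with the filter."""
    return [e["sAMAccountName"] for e in entries
            if in_subtree(e["dn"], base) and person_query(e)]

def user(name, ou, uac, groups):
    """Build one constructed user entry."""
    return {"dn": f"CN={name},OU={ou},{DOMAIN_ROOT}", "sAMAccountName": name,
            "objectClass": ["top", "person", "user"],
            "userAccountControl": uac, "memberOf": groups}

# Constructed sample entries (not from the post).
ENTRIES = [
    user("alice", "Users", NORMAL_ACCOUNT, [GROUP_DN]),        # in group, in OU
    user("bob", "Engineering", NORMAL_ACCOUNT, [GROUP_DN]),    # in group, other OU
    user("carol", "Users", NORMAL_ACCOUNT | ACCOUNTDISABLE, [GROUP_DN]),  # disabled
    user("dave", "Users", NORMAL_ACCOUNT, []),                 # not in the group
]

if __name__ == "__main__":
    print("base OU=Users :", synced(ENTRIES, SEARCH_BASE))
    print("base domain   :", synced(ENTRIES, DOMAIN_ROOT))
```

In Active Directory, disabled accounts are normally excluded with the extra clause (!(userAccountControl:1.2.840.113556.1.4.803:=2)); memberOf lists direct memberships only, so users who reach the group through a nested group or their primary group are not matched.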
10 REPLIES

kimberlydeborah
Champ in-the-making
Thanks for sharing the great solution. And I appreciated it. But we can also try a different method.