Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Active directory configuration

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-20-2010 12:50 PM

Hey, ive seen lots of post regarding this, but i cant find anything that tells me exactly what to do. I never used AD before and i have pretty much no idea at all on what i should be doing.
I looked that the wiki and a few other sites, but there always seems to be missing some sort of "action".

I saw in a post that we should only need to change the alfresco-global.properties, and so i did. I uncommented and changed:
authentication.chain=alfrescoNtlm1:alfrescoNtlm
to
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

and added the lines:

    ntlm.authentication.sso.enabled=false
    alfresco.authentication.authenticateCIFS=false

    ntlm.authentication.sso.enabled=false
    passthru.authentication.authenticateCIFS=true

    ldap.authentication.active=false
    ldap.synchronization.active=true

dont i need to configure the AD domain somewhere or mention its IP or something?
im completely lost.
Labels:
0 Kudos
12 REPLIES 12

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-21-2010 06:55 AM

i also configured the C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap\ldap-authentication.properties file to this;

# This flag enables use of this LDAP subsystem for authentication. It may be# that this subsytem should only be used for synchronization, in which case# this flag should be set to false.ldap.authentication.active=true## This properties file brings together the common options for LDAP authentication rather than editing the bean definitions#ldap.authentication.allowGuestLogin=true# How to map the user id entered by the user to that passed through to LDAP# - simple #    - this must be a DN and would be something like#      uid=%s,ou=People,dc=company,dc=com# - digest#    - usually pass through what is entered#      %s# If not set, an LDAP query involving ldap.synchronization.personQuery and ldap.synchronization.userIdAttributeName will # be performed to resolve the DN dynamically. This allows directories to be structured and doesn't require the user ID to# appear in the DN.ldap.authentication.userNameFormat=uid=%s,ou=People,dc=example,dc=com# The LDAP context factory to useldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory# The URL to connect to the LDAP server ldap.authentication.java.naming.provider.url=ldap://myteste.com:389# The authentication mechanism to use ldap.authentication.java.naming.security.authentication=SIMPLE# Escape commas entered by the user at bind time# Useful when using simple authentication and the CN is part of the DN and contains commasldap.authentication.escapeCommasInBind=false# Escape commas entered by the user when setting the authenticated user# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is # pulled in as part of an LDAP sync# If this option is set to true it will break the default home folder provider as space names can not contain \ldap.authentication.escapeCommasInUid=false# Comma separated list of user names who should be considered administrators by defaultldap.authentication.defaultAdministratorUserNames=teste1@myteste.com# This flag enables use of this LDAP subsystem for user and group# synchronization. It may be that this subsytem should only be used for # authentication, in which case this flag should be set to false.ldap.synchronization.active=true# The default principal to use (only used for LDAP sync)ldap.synchronization.java.naming.security.principal=cn=alfrescoldap,cn=Users,dc=edicom,dc=es# The password for the default principal (only used for LDAP sync)ldap.synchronization.java.naming.security.credentials=**********# If positive, this property indicates that RFC 2696 paged results should be# used to split query results into batches of the specified size. This# overcomes any size limits imposed by the LDAP server.ldap.synchronization.queryBatchSize=0# If positive, this property indicates that range retrieval should be used to fetch# multi-valued attributes (such as member) in batches of the specified size.# Overcomes any size limits imposed by Active Directory.        ldap.synchronization.attributeBatchSize=0# The query to select all objects that represent the groups to import.ldap.synchronization.groupQuery=(objectclass\=groupOfNames)# The query to select objects that represent the groups to import that have changed since a certain time.ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))# The query to select all objects that represent the users to import.ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)# The query to select objects that represent the users to import that have changed since a certain time.ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.ldap.synchronization.groupSearchBase=ou\=Groups,dc\=company,dc\=com# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.ldap.synchronization.userSearchBase=ou\=People,dc\=company,dc\=com# The name of the operational attribute recording the last update time for a group or user.ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp# The timestamp format. Unfortunately, this varies between directory servers.ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'# The attribute name on people objects found in LDAP to use as the uid in Alfrescoldap.synchronization.userIdAttributeName=uid# The attribute on person objects in LDAP to map to the first name property in Alfrescoldap.synchronization.userFirstNameAttributeName=givenName# The attribute on person objects in LDAP to map to the last name property in Alfrescoldap.synchronization.userLastNameAttributeName=sn# The attribute on person objects in LDAP to map to the email property in Alfrescoldap.synchronization.userEmailAttributeName=mail# The attribute on person objects in LDAP to map to the organizational id  property in Alfrescoldap.synchronization.userOrganizationalIdAttributeName=o# The default home folder provider to use for people created via LDAP importldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider# The attribute on LDAP group objects to map to the authority name property in Alfrescoldap.synchronization.groupIdAttributeName=cn# The attribute on LDAP group objects to map to the authority display name property in Alfrescoldap.synchronization.groupDisplayNameAttributeName=description# The group type in LDAPldap.synchronization.groupType=groupOfNames# The person type in LDAPldap.synchronization.personType=inetOrgPerson# The attribute in LDAP on group objects that defines the DN for its membersldap.synchronization.groupMemberAttributeName=member# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.ldap.synchronization.enableProgressEstimation=true‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

and i have C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap\ldap-authentication-context.xml like this:
<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'><beans>   <!–      The bean definitions for this subsystem are shared by the ldap and ldap-ad subsystems with different property      defaults   –>   <import resource="../common-ldap-context.xml" /></beans>‍‍‍‍‍‍‍‍‍‍

I still get the "unable to connect to ldap server" error message on tomcat.
Does anyone know what im missing?
0 Kudos

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-21-2010 10:22 AM

I just noticed that i was probably using the wrong directory, since i want to use microsoft active directory i think i should use ldap-ad instead of just ldap.
there are a few more options in the C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad-authentication.properties file. So right now, i have that file with this content:

# This flag enables use of this LDAP subsystem for authentication. It may be# that this subsytem should only be used for synchronization, in which case# this flag should be set to false.ldap.authentication.active=true## This properties file brings together the common options for LDAP authentication rather than editing the bean definitions#ldap.authentication.allowGuestLogin=true# How to map the user id entered by the user to taht passed through to LDAP# In Active Directory, this can either be the user principal name (UPN) or DN.# UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a userldap.authentication.userNameFormat=cn=%s,ou=users# The LDAP context factory to useldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory# The URL to connect to the LDAP server ldap.authentication.java.naming.provider.url=ldap://myteste.com:389# The authentication mechanism to useldap.authentication.java.naming.security.authentication=simple# Escape commas entered by the user at bind time# Useful when using simple authentication and the CN is part of the DN and contains commasldap.authentication.escapeCommasInBind=false# Escape commas entered by the user when setting the authenticated user# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is # pulled in as part of an LDAP sync# If this option is set to true it will break the default home folder provider as space names can not contain \ldap.authentication.escapeCommasInUid=false# Comma separated list of user names who should be considered administrators by defaultldap.authentication.defaultAdministratorUserNames=teste2# This flag enables use of this LDAP subsystem for user and group# synchronization. It may be that this subsytem should only be used for # authentication, in which case this flag should be set to false.ldap.synchronization.active=true# The default principal to bind with (only used for LDAP sync). This should be a UPN or DNldap.synchronization.java.naming.security.principal=teste2@myteste.com# The password for the default principal (only used for LDAP sync)ldap.synchronization.java.naming.security.credentials=**********# If positive, this property indicates that RFC 2696 paged results should be# used to split query results into batches of the specified size. This# overcomes any size limits imposed by the LDAP server.ldap.synchronization.queryBatchSize=1000# If positive, this property indicates that range retrieval should be used to fetch# multi-valued attributes (such as member) in batches of the specified size.# Overcomes any size limits imposed by Active Directory.        ldap.synchronization.attributeBatchSize=1000# The query to select all objects that represent the groups to import.ldap.synchronization.groupQuery=(objectclass\=group)# The query to select objects that represent the groups to import that have changed since a certain time.ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))# The query to select all objects that represent the users to import.ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))# The query to select objects that represent the users to import that have changed since a certain time.ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=domain# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.ldap.synchronization.userSearchBase=ou\=User Accounts,ou=\Alfresco,dc=domain# The name of the operational attribute recording the last update time for a group or user.ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp# The timestamp format. Unfortunately, this varies between directory servers.ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'# The attribute name on people objects found in LDAP to use as the uid in Alfrescoldap.synchronization.userIdAttributeName=sAMAccountName# The attribute on person objects in LDAP to map to the first name property in Alfrescoldap.synchronization.userFirstNameAttributeName=givenName# The attribute on person objects in LDAP to map to the last name property in Alfrescoldap.synchronization.userLastNameAttributeName=sn# The attribute on person objects in LDAP to map to the email property in Alfrescoldap.synchronization.userEmailAttributeName=mail# The attribute on person objects in LDAP to map to the organizational id  property in Alfrescoldap.synchronization.userOrganizationalIdAttributeName=company# The default home folder provider to use for people created via LDAP importldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider# The attribute on LDAP group objects to map to the authority name property in Alfrescoldap.synchronization.groupIdAttributeName=cn# The attribute on LDAP group objects to map to the authority display name property in Alfrescoldap.synchronization.groupDisplayNameAttributeName=displayName# The group type in LDAPldap.synchronization.groupType=group# The person type in LDAPldap.synchronization.personType=user# The attribute in LDAP on group objects that defines the DN for its membersldap.synchronization.groupMemberAttributeName=member# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.ldap.synchronization.enableProgressEstimation=true‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I created the microsoft AD with:
DNS name for new domain :
myTeste.com

Domain NetBios name :
MYTESTE

and a static ip

Alfresco cant find my AD,
i take it that this line is wrong?
# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://myteste.com:389

i can ping myteste.com, but i cant ping myteste.com:389
is this normal?
0 Kudos

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-24-2010 06:29 AM

I got it to work, i think my problem was this line:
ldap.synchronization.active=true

I cant get the import to work, i would always get an error.How do i make it so it imports the users and group structure into Alfresco using AD?
Right now i can sign in with a user from AD and say he is a admin in the ldap-ad-authentication.properties file, but how do i make Alfresco import all the groups in my AD?

this is what i have in ldap-ad-authentication.properties file:

ldap.authentication.active=falseldap.authentication.allowGuestLogin=trueldap.authentication.userNameFormat=%s@myteste.comldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.provider.url=ldap://10.50.104.253:389ldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.defaultAdministratorUserNames=teste1ldap.synchronization.active=trueldap.synchronization.java.naming.security.principal=teste3@myteste.comldap.synchronization.java.naming.security.credentials=teste3_passldap.synchronization.queryBatchSize=1000ldap.synchronization.attributeBatchSize=1000ldap.synchronization.groupQuery=(objectclass\=group)ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=domainldap.synchronization.userSearchBase=ou\=User Accounts,ou=\Alfresco,dc=domainldap.synchronization.modifyTimestampAttributeName=modifyTimestampldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'ldap.synchronization.userIdAttributeName=sAMAccountNameldap.synchronization.userFirstNameAttributeName=givenNameldap.synchronization.userLastNameAttributeName=snldap.synchronization.userEmailAttributeName=mailldap.synchronization.userOrganizationalIdAttributeName=companyldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProviderldap.synchronization.groupIdAttributeName=cnldap.synchronization.groupDisplayNameAttributeName=displayNameldap.synchronization.groupType=groupldap.synchronization.personType=userldap.synchronization.groupMemberAttributeName=memberldap.synchronization.enableProgressEstimation=true‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

and i delegated control (Read all inetOrgPerson information.) to the user teste3.

i still get user and group import failed, what am i missing?
0 Kudos

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-25-2010 05:35 AM

hey, i now get this problem:

09:47:46,242 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'09:47:47,984 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-20,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:47,994 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-6,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:47,994 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-18,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:48,014 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:48,014 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-4,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:48,024 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-20,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:48,034 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-11,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:48,034 WARN  [org.alfresco.repo.security.sync.ldap.LDAPUserRegistry] Failed to resolve distinguished name: CN=S-1-5-9,CN=ForeignSecurityPrincipals,DC=myteste,DC=com09:47:48,134 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to errororg.alfresco.error.AlfrescoRuntimeException: 04250000 User and group import failed   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1039)   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:645)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:540)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:407)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:1360)   at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1354)   at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627)   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)   at org.apache.catalina.core.StandardService.start(StandardService.java:516)   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)   at java.lang.reflect.Method.invoke(Method.java:597)   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)Caused by: javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'dc=myteste,dc=com'   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)   at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)   at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)   at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1029)   … 46 more09:47:48,375 WARN  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Failed initial synchronize with user registriesorg.alfresco.error.AlfrescoRuntimeException: 04250000 User and group import failed   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1039)   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:645)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:540)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:407)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:1360)   at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1354)   at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627)   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)   at org.apache.catalina.core.StandardService.start(StandardService.java:516)   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)   at java.lang.reflect.Method.invoke(Method.java:597)   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)Caused by: javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'dc=myteste,dc=com'   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)   at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)   at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)   at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1029)   … 46 more09:47:48,555 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete09:47:49,006 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_20-b02; maximum heap size 989,875MB09:47:49,006 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Community): Current version 3.3.0 (2765) schema 4009 - Originally installed version 3.3.0 (2765) schema 400909:48:09,655 INFO  [org.alfresco.module.vti.VtiServer] Vti server started successfully on port: 7070‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

this is my ldap-ad-authentication.properties
ldap.authentication.active=trueldap.synchronization.active=trueldap.authentication.allowGuestLogin=trueldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.userNameFormat=%s@myteste.comldap.authentication.java.naming.provider.url=ldap://10.50.104.253:389ldap.authentication.defaultAdministratorUserNames=teste3ldap.synchronization.java.naming.security.principal=teste3@myteste.comldap.synchronization.java.naming.security.credentials=teste3Passldap.synchronization.queryBatchSize=1000ldap.synchronization.attributeBatchSize=1000ldap.synchronization.groupQuery=(objectclass=group)ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))#ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=domain#ldap.synchronization.userSearchBase=ou\=User Accounts,ou=\Alfresco,dc=domainldap.synchronization.groupSearchBase=dc=myteste,dc=comldap.synchronization.userSearchBase=dc=myteste,dc=com# The name of the operational attribute recording the last update time for a group or user.ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp# The timestamp format. Unfortunately, this varies between directory servers.ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'# The attribute name on people objects found in LDAP to use as the uid in Alfrescoldap.synchronization.userIdAttributeName=sAMAccountName# The attribute on person objects in LDAP to map to the first name property in Alfrescoldap.synchronization.userFirstNameAttributeName=givenName# The attribute on person objects in LDAP to map to the last name property in Alfrescoldap.synchronization.userLastNameAttributeName=sn# The attribute on person objects in LDAP to map to the email property in Alfrescoldap.synchronization.userEmailAttributeName=mail# The attribute on person objects in LDAP to map to the organizational id  property in Alfrescoldap.synchronization.userOrganizationalIdAttributeName=company# The default home folder provider to use for people created via LDAP importldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider# The attribute on LDAP group objects to map to the authority name property in Alfrescoldap.synchronization.groupIdAttributeName=cn# The attribute on LDAP group objects to map to the authority display name property in Alfrescoldap.synchronization.groupDisplayNameAttributeName=displayName# The group type in LDAPldap.synchronization.groupType=group# The person type in LDAPldap.synchronization.personType=user# The attribute in LDAP on group objects that defines the DN for its membersldap.synchronization.groupMemberAttributeName=member# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.ldap.synchronization.enableProgressEstimation=true‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

what am i doing wrong? please help.
Best reguards.
0 Kudos

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-25-2010 05:53 AM

Aparently what i had was correct, but i needed to create a OU inside my AD, and place inside all my users and groups. I had everything on the root of the domain and that was messing everything up.

So, i created an OU called myOU and changed my ldap-ad-authentication.properties to:
ldap.authentication.active=trueldap.synchronization.active=trueldap.authentication.allowGuestLogin=trueldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.userNameFormat=%s@myteste.comldap.authentication.java.naming.provider.url=ldap://10.50.104.253:389ldap.authentication.defaultAdministratorUserNames=teste3ldap.synchronization.java.naming.security.principal=teste3@myteste.comldap.synchronization.java.naming.security.credentials=Zxcvbnm00ldap.synchronization.queryBatchSize=1000ldap.synchronization.attributeBatchSize=1000ldap.synchronization.groupQuery=(objectclass=group)ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))#ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=domain#ldap.synchronization.userSearchBase=ou\=User Accounts,ou=\Alfresco,dc=domainldap.synchronization.groupSearchBase=OU=myOu,DC=myteste,DC=comldap.synchronization.userSearchBase=OU=myOu,DC=myteste,DC=com# The name of the operational attribute recording the last update time for a group or user.ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp# The timestamp format. Unfortunately, this varies between directory servers.ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'# The attribute name on people objects found in LDAP to use as the uid in Alfrescoldap.synchronization.userIdAttributeName=sAMAccountName# The attribute on person objects in LDAP to map to the first name property in Alfrescoldap.synchronization.userFirstNameAttributeName=givenName# The attribute on person objects in LDAP to map to the last name property in Alfrescoldap.synchronization.userLastNameAttributeName=sn# The attribute on person objects in LDAP to map to the email property in Alfrescoldap.synchronization.userEmailAttributeName=mail# The attribute on person objects in LDAP to map to the organizational id  property in Alfrescoldap.synchronization.userOrganizationalIdAttributeName=company# The default home folder provider to use for people created via LDAP importldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider# The attribute on LDAP group objects to map to the authority name property in Alfrescoldap.synchronization.groupIdAttributeName=cn# The attribute on LDAP group objects to map to the authority display name property in Alfrescoldap.synchronization.groupDisplayNameAttributeName=displayName# The group type in LDAPldap.synchronization.groupType=group# The person type in LDAPldap.synchronization.personType=user# The attribute in LDAP on group objects that defines the DN for its membersldap.synchronization.groupMemberAttributeName=member# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.ldap.synchronization.enableProgressEstimation=true‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

this worked for me, hope this helps someone.
0 Kudos

postfix
Champ in-the-making
Champ in-the-making

‎05-26-2010 11:05 PM

Dear, your post helped me a lot is one of the few that allowed me to move forward. But I have a small problem and not passing

Someone could help me


Edit only two file : alfresco-global.properties y ldap-ad-authentication.properties


I have this in the first:

alfresco-global.properties
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-adntlm.authentication.sso.enabled=falsealfresco.authentication.authenticateCIFS=falsentlm.authentication.sso.enabled=falsepassthru.authentication.authenticateCIFS=trueldap.authentication.active=falseldap.synchronization.active=true ‍‍‍‍‍‍‍‍‍‍‍

and the second I have this, my domain is springfield.cl my UO is alfresco


ldap-ad-authentication.properties
ldap.authentication.active=trueldap.synchronization.active=trueldap.authentication.allowGuestLogin=trueldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.userNameFormat=%s@springfield.clldap.authentication.java.naming.provider.url=ldap://192.168.3.146:389ldap.authentication.defaultAdministratorUserNames=Administradorldap.synchronization.java.naming.security.principal=Administrador@springfield.clldap.synchronization.java.naming.security.credentials=Porque1234567ldap.synchronization.queryBatchSize=1000ldap.synchronization.attributeBatchSize=1000ldap.synchronization.groupQuery=(objectclass=group)ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))#ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=domain#ldap.synchronization.userSearchBase=ou\=User Accounts,ou=\Alfresco,dc=domainldap.synchronization.groupSearchBase=OU=alfresco,DC=springfield,DC=clldap.synchronization.userSearchBase=OU=alfresco,DC=springfield,DC=cl# The name of the operational attribute recording the last update time for a group or user.ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp# The timestamp format. Unfortunately, this varies between directory servers.ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'# The attribute name on people objects found in LDAP to use as the uid in Alfrescoldap.synchronization.userIdAttributeName=sAMAccountName# The attribute on person objects in LDAP to map to the first name property in Alfrescoldap.synchronization.userFirstNameAttributeName=givenName# The attribute on person objects in LDAP to map to the last name property in Alfrescoldap.synchronization.userLastNameAttributeName=sn# The attribute on person objects in LDAP to map to the email property in Alfrescoldap.synchronization.userEmailAttributeName=mail# The attribute on person objects in LDAP to map to the organizational id  property in Alfrescoldap.synchronization.userOrganizationalIdAttributeName=company# The default home folder provider to use for people created via LDAP importldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider# The attribute on LDAP group objects to map to the authority name property in Alfrescoldap.synchronization.groupIdAttributeName=cn# The attribute on LDAP group objects to map to the authority display name property in Alfrescoldap.synchronization.groupDisplayNameAttributeName=displayName# The group type in LDAPldap.synchronization.groupType=group# The person type in LDAPldap.synchronization.personType=user# The attribute in LDAP on group objects that defines the DN for its membersldap.synchronization.groupMemberAttributeName=member# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.ldap.synchronization.enableProgressEstimation=true ‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

this is what shows me Tomcat

 Spring Surf Container Web Script Container (in 4595.2456ms)22:58:59,280  INFO  [extensions.webscripts.TemplateProcessorRegistry] Registered template processor freemarker for extension ftl22:58:59,609  INFO  [extensions.webscripts.ScriptProcessorRegistry] Registered script processor javascript for extension js22:58:59,749  INFO  [extensions.webscripts.TemplateProcessorRegistry] Registered template processor freemarker for extension ftl22:59:00,202  INFO  [extensions.webscripts.ScriptProcessorRegistry] Registered script processor javascript for extension js22:59:00,671  INFO  [extensions.webscripts.TemplateProcessorRegistry] Registered template processor freemarker for extension ftl22:59:00,687  INFO  [extensions.webscripts.ScriptProcessorRegistry] Registered script processor javascript for extension js26-may-2010 22:59:01 org.apache.catalina.startup.HostConfig deployWARINFO: Despliegue del archivo share.war de la aplicaci´┐¢n web22:59:26,624  INFO  [extensions.webscripts.DeclarativeRegistry] Registered 225 Web Scripts (+0 failed), 232 URLs22:59:26,624  INFO  [extensions.webscripts.DeclarativeRegistry] Registered 8 Package Description Documents (+0 failed)22:59:26,640  INFO  [extensions.webscripts.DeclarativeRegistry] Registered 0 Schema Description Documents (+0 failed)22:59:27,593  INFO  [extensions.webscripts.AbstractRuntimeContainer] Initialised Spring Surf Container Web Script Container (in 9731.687ms)22:59:30,249  INFO  [extensions.webscripts.TemplateProcessorRegistry] Registered template processor freemarker for extension ftl22:59:31,265  INFO  [extensions.webscripts.ScriptProcessorRegistry] Registered script processor javascript for extension js22:59:31,702  INFO  [extensions.webscripts.TemplateProcessorRegistry] Registered template processor freemarker for extension ftl22:59:31,718  INFO  [extensions.webscripts.ScriptProcessorRegistry] Registered script processor javascript for extension js22:59:32,343  INFO  [extensions.webscripts.TemplateProcessorRegistry] Registered template processor freemarker for extension ftl22:59:32,374  INFO  [extensions.webscripts.ScriptProcessorRegistry] Registered script processor javascript for extension js26-may-2010 22:59:37 org.apache.coyote.http11.Http11Protocol startINFO: Arrancando Coyote HTTP/1.1 en puerto http-808026-may-2010 22:59:37 org.apache.catalina.startup.Catalina startINFO: Server startup in 403487 ms23:00:10,843  ERROR [extensions.webscripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 04260001 Login failedorg.springframework.extensions.webscripts.WebScriptException: 04260001 Login failed        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)        at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:231)        at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:367)        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:321)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:417)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:434)        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:257)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:307)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:178)        at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:116)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)        at java.lang.Thread.run(Thread.java:619)23:00:12,530  ERROR [extensions.webscripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 04260002 Login failedorg.springframework.extensions.webscripts.WebScriptException: 04260002 Login failed        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)        at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:231)        at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:367)        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:321)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:417)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:434)        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:257)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:307)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:178)        at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:116)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)        at java.lang.Thread.run(Thread.java:619)23:00:12,702  ERROR [extensions.webscripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 04260003 Login failedorg.springframework.extensions.webscripts.WebScriptException: 04260003 Login failed        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)        at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:231)        at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:367)        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:321)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:417)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:434)        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:257)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:307)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:178)        at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:116)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)        at java.lang.Thread.run(Thread.java:619)23:00:12,765  ERROR [extensions.webscripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 04260004 Login failedorg.springframework.extensions.webscripts.WebScriptException: 04260004 Login failed        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)        at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:231)        at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:367)        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:321)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:417)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:434)        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:257)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:307)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:178)        at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:116)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)        at java.lang.Thread.run(Thread.java:619)23:00:34,671  ERROR [extensions.webscripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 04260005 Login failedorg.springframework.extensions.webscripts.WebScriptException: 04260005 Login failed        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)        at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:231)        at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:367)        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:321)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:417)        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:434)        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:257)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:307)        at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:178)        at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:116)        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)        at java.lang.Thread.run(Thread.java:619)‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

msg = The remote server may be unavailable or your authentication details have not been recognized.

please someone help me
0 Kudos

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-27-2010 10:03 AM

try removing:
ntlm.authentication.sso.enabled=false
alfresco.authentication.authenticateCIFS=false

ntlm.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=true

ldap.authentication.active=false
ldap.synchronization.active=true

from alfresco-global.properties

hopefully thats the problem.
0 Kudos

postfix
Champ in-the-making
Champ in-the-making

‎05-27-2010 09:09 PM

That was, Thank you, really is much appreciated your response
0 Kudos

p3d3r0s0
Champ in-the-making
Champ in-the-making

‎05-28-2010 04:56 AM

No problem Smiley Wink
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
Top