Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Active Directory import users and groups

daniele001
Champ in-the-making
Champ in-the-making

‎10-02-2007 10:24 AM

Hi

I'm working to use our AD to import in Alfresco 2.1 users and grups I'll use in my organization.

While AD groups are correctly imported with correcte members, I've problems to import users.

I'm able to import just 1000 names, but all the others are missing.

I'm also one of the missing, but I can login correctly without any problem authenticated by AD password.

I saw in a "old" thread that this issue maybe related to a security policy that has MaxPageSize=1000.
http://forums.alfresco.com/viewtopic.php?t=2675

Maybe this my outstanding issue? Anyone may have a solution for me?

Kind regards
Labels:
0 Kudos
5 REPLIES 5

andy
Champ on-the-rise
Champ on-the-rise

‎10-16-2007 11:07 AM

Hi

You will need to up the page size that AD supports at the moment.

Andy
0 Kudos

daniele001
Champ in-the-making
Champ in-the-making

‎10-17-2007 05:37 AM

Thank you Andy for your feedback

I've no access to the AD domain controller server, so I cannot change nothing over there.

I tried to reduce the scopes and run the application several times to import users, but this is a workaround and doesn't guarantee me to have new users added.

Other option is to run indipendent and sequential import tasks. This will reduce the massive requests to the AD box. I don't know if this is possible…. for sure should be a workaround and not a permanent solution….

Thanks in advance for your help and support

Regards

Daniele
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎10-17-2007 09:05 AM

Hi

You can run many import jobs. So you could run sync jobs based on alphabetical ranges of user id, or surname etc (select in the LDAP query). These jobs would not have to be sequential. This is probably the only work around in your situation. LDAP paging support is on the list - so far it has not made it to the top.

Andy
0 Kudos

daniele001
Champ in-the-making
Champ in-the-making

‎10-17-2007 09:20 AM

Hi

You can run many import jobs. So you could run sync jobs based on alphabetical ranges of user id, or surname etc (select in the LDAP query). These jobs would not have to be sequential. This is probably the only work around in your situation. LDAP paging support is on the list - so far it has not made it to the top.

Andy

Thank you Andy, but where I can specify the different jobs? in ldap-authentication-context.xml I've to create several sections of
<bean id="ldapPeopleExportSource" class="org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource">

to handle the different searches? and how setting the schedule?

sorry for my request that may sound like a little bizzare, but I'm  really new in kind of task.

Thanks again

Daniele
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎10-18-2007 05:36 AM

Hi

Yes you need to create

<bean id="ldapGroupExportSource_1" …… />

and wire it up to a new

<bean id="ldapPeopleImport_1" …./>

and then wire this up to a new

<bean id="ldapPeopleTrigger" class="org.alfresco.util.CronTriggerBean" …/>

For each subsection of users.

You can do this as many times as you like and define new settings for each ldapPeopleExportSource_* bean. You could use abstract beans for common properties - see the examples in the config xml with abstrct="true" that do not define class="…")


Andy
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC