Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Active Directory Sync allowing logins using email address

mvanpelt
Champ in-the-making
Champ in-the-making

‎05-06-2013 04:41 PM

Hello,

We have had Active directory sync up and running for a few months now on Alfresco 4.2.c.  Everything seemed to be working fine until I noticed that users were logging in using their email addresses and Alfresco was creating a separate user for them.  For example, I log in using my active directory account and everything is as it should be.  I log out and log in using my email address and domain password, and it creates/log me in to a new account.  I would like to make it so that logging in with email addresses does not work, but I am not sure how to accomplish that.  Any help would be greatly appreciated.
Labels:
0 Kudos
1 REPLY 1

afaust
Legendary Innovator
Legendary Innovator

‎05-07-2013 07:02 PM

Hello,

you can not prevent a successfull authentication when the Active Directory allows email addresses as user names, BUT you can prevent the on-demand creation of Alfresco users with such a user name and by doing so, prevent a successfull login. You simply have to disable the on-demand creation of people when they have not been created by synchronizing with the AD. This can be done by setting the property createMissingPeople of the peopleService (found in authentication-services-context.xml) to false. You should duplicate the entire bean in your Alfresco extension directory in a new *-context.xml.

Regards
Axel
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC