Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD integration - Alfresco won't let AD user login

applening
Champ in-the-making
Champ in-the-making

‎08-05-2011 11:34 AM

Alfresco 3.4d

This is what I did to integrate AD:

In alfresco.global.properties file (C:\Alfresco\tomcat\shared\classes) added line:
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

In ldap-ad-aduthentication.properties file (C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad) edited these lines to according parameters for our AD server:
ldap.authentication.java.naming.provider.url=ldap://domaincontroller.company.com:389
ldap.synchronization.java.naming.security.principal=USERNAME@COMPANY.COM
ldap.synchronization.java.naming.security.credentials=SECRET
ldap.synchronization.groupSearchBase=ou\=Groups,dc\=company,dc\=com
ldap.synchronization.userSearchBase=ou\=People,dc\=company,dc\=com

There were no errors on Tomcat startup. The system log says Authentication and Synchronization subsystems complete. All users were created in Alfresco and I can see them through searching for users.

But none of the AD users can log in and got the message "The remote server may be unavailable or your authentication details have not been recognized." Am I missing something here?

Thanks in advance.
Labels:
0 Kudos
2 REPLIES 2

applening
Champ in-the-making
Champ in-the-making

‎08-05-2011 12:56 PM

So I ran WireShark and found out what the problem was.

To answer my own question, yes, there was one more thing in the ldap-ad-aduthentication.properties file.

ldap.authentication.userNameFormat=%s@domain

@domain needed to change to our domain controller name e.g. @company.com. As an AD and Alfresco rookie, I was not aware of that. Glad to finally got it working though. Hope this can help someone as well.
0 Kudos

georgej
Champ in-the-making
Champ in-the-making

‎08-13-2011 07:12 AM

I COULD SH@G YOU RIGHT NOW!!!! 

After weeks of banging my head, asking tech gurus in my area and begging for help here on the forums with absolutely no help from anybody, I stumbled on your post in my flu infested state of mind and tried what you did and golly gee jiminee it worked!!!! 

I can now log on as a domain user.  Now to see how to get it working automatically as i still get the error of can't locate the authentication server or my logon details were incorrect when I navigate to the share page.

My day has been made Smiley Very Happy  THANK YOU APPLENING!!!!
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC