Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alfresco 3.3g unable to connect with LDAP server

sandhya25186
Champ in-the-making
Champ in-the-making

‎07-20-2010 05:30 AM

I have setup LDAP directory on ubuntu server,am trying to integrate Alfresco3.3g residing on same server with the LDAP following the link :http://www.anotherstrangerme.com/alfresco-3-3g-integration-with-active-directory-and-google-docs/

But now, when I am starting the Alfresco, I am getting following connection exception and i dont know where i am going wrong.

08:41:02,516 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
08:44:11,556 ERROR [org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl] Unable to connect to LDAP Server; check LDAP configuration
javax.naming.CommunicationException: 192.0.32.10:389 [Root exception is java.net.ConnectException: Connection timed out]
   at com.sun.jndi.ldap.Connection.<init>(Connection.java:210)
   at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
   at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1580)
   at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2652)
   at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
   at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
   at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
   at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
   at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
   at javax.naming.InitialContext.init(InitialContext.java:223)
   at javax.naming.InitialContext.<init>(InitialContext.java:197)
   at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.afterPropertiesSet(LDAPInitialDirContextFactoryImpl.java:293)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1460)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1398)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:512)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:322)
   at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:106)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1305)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1067)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511)
   at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:450)
   at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:290)
   at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222)
   at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:287)
   at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:189)
   at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:557)
   at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:842)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:416)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:440)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.getState(AbstractPropertyBackedBean.java:221)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory.getApplicationContext(ChildApplicationContextFactory.java:336)
   at org.alfresco.repo.management.subsystems.DefaultChildApplicationContextManager$ApplicationContextManagerState.getApplicationContext(DefaultChildApplicationContextManager.java:289)
   at org.alfresco.repo.management.subsystems.DefaultChildApplicationContextManager$ApplicationContextManagerState.start(DefaultChildApplicationContextManager.java:248)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:440)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.getState(AbstractPropertyBackedBean.java:221)
   at org.alfresco.repo.management.subsystems.DefaultChildApplicationContextManager.getInstanceIds(DefaultChildApplicationContextManager.java:145)
   at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:64)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at $Proxy189.isActive(Unknown Source)
   at org.alfresco.filesys.config.ServerConfigurationBean.processCIFSServerConfig(ServerConfigurationBean.java:169)
   at org.alfresco.filesys.AbstractServerConfigurationBean.init(AbstractServerConfigurationBean.java:469)
   at org.alfresco.filesys.AbstractServerConfigurationBean.onApplicationEvent(AbstractServerConfigurationBean.java:818)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627)
   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:516)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: java.net.ConnectException: Connection timed out
   at java.net.PlainSocketImpl.socketConnect(Native Method)
   at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
   at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
   at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
   at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
   at java.net.Socket.connect(Socket.java:525)
   at java.net.Socket.connect(Socket.java:475)
   at java.net.Socket.<init>(Socket.java:372)
   at java.net.Socket.<init>(Socket.java:186)
   at com.sun.jndi.ldap.Connection.createSocket(Connection.java:352)
   at com.sun.jndi.ldap.Connection.<init>(Connection.java:187)
   … 92 more
08:44:11,579 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap1] complete
08:44:11,581 WARN  [org.alfresco.fileserver] CIFS server name is longer than 15 characters, truncated to ip-10-242-246-2
08:44:16,614 ERROR [org.alfresco.fileserver] Failed to get local domain/workgroup name, using default of WORKGROUP
08:44:16,615 ERROR [org.alfresco.fileserver] (This may be due to firewall settings or incorrect <broadcast> setting)
08:44:16,682 ERROR [org.alfresco.fileserver] [FTP] FTP Socket error : java.net.BindException: Address already in use
08:44:16,682 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [fileServers, default] complete
08:44:16,789 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'imap' subsystem, ID: [imap, default]
08:44:16,790 ERROR [org.alfresco.fileserver] java.net.BindException: Address already in use
08:44:16,790 ERROR [org.alfresco.fileserver]    at java.net.PlainSocketImpl.socketBind(Native Method)
08:44:16,790 ERROR [org.alfresco.fileserver]    at java.net.PlainSocketImpl.bind(PlainSocketImpl.java:365)
08:44:16,790 ERROR [org.alfresco.fileserver]    at java.net.ServerSocket.bind(ServerSocket.java:319)
08:44:16,790 ERROR [org.alfresco.fileserver]    at java.net.ServerSocket.<init>(ServerSocket.java:185)
08:44:16,790 ERROR [org.alfresco.fileserver]    at java.net.ServerSocket.<init>(ServerSocket.java:141)
08:44:16,790 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.ftp.FTPServer.run(FTPServer.java:555)
08:44:16,790 ERROR [org.alfresco.fileserver]    at java.lang.Thread.run(Thread.java:619)
08:44:16,799 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
08:44:16,846 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'imap' subsystem, ID: [imap, default] complete
08:44:16,847 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'email' subsystem, ID: [email, outbound]
08:44:16,854 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
08:44:16,894 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'email' subsystem, ID: [email, outbound] complete
08:44:16,894 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'email' subsystem, ID: [email, inbound]
08:44:16,903 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
08:44:16,938 WARN  [org.springframework.beans.GenericTypeAwarePropertyDescriptor] Invalid JavaBean property 'blockedSenders' being accessed! Ambiguous write methods found next to actually used [public void org.alfresco.email.server.EmailServer.setBlockedSenders(java.util.List)]: [public void org.alfresco.email.server.EmailServer.setBlockedSenders(java.lang.String)]
08:44:16,938 WARN  [org.springframework.beans.GenericTypeAwarePropertyDescriptor] Invalid JavaBean property 'allowedSenders' being accessed! Ambiguous write methods found next to actually used [public void org.alfresco.email.server.EmailServer.setAllowedSenders(java.util.List)]: [public void org.alfresco.email.server.EmailServer.setAllowedSenders(java.lang.String)]
08:44:17,005 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'email' subsystem, ID: [email, inbound] complete
08:44:17,006 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] Enabled - calculate missing user usages …
08:44:17,094 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] Found 0 users to recalculate
08:44:17,094 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] … calculated missing usages for 0 users
08:44:17,094 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [Synchronization, default]
08:44:17,113 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
08:44:17,179 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'
08:44:17,181 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'
08:44:17,481 INFO  [org.alfresco.util.OpenOfficeConnectionTester] The OpenOffice connection was re-established.
08:47:26,185 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to error
org.alfresco.repo.security.authentication.AuthenticationException: 06200001 Unable to connect to LDAP Server; check LDAP configuration
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:114)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:85)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:76)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:648)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:645)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:540)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:407)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:1360)
   at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1354)
   at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627)
   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:516)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: javax.naming.CommunicationException: 192.0.32.10:389 [Root exception is java.net.ConnectException: Connection timed out]
   at com.sun.jndi.ldap.Connection.<init>(Connection.java:210)
   at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
   at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.java:46)
   at com.sun.jndi.ldap.pool.Connections.<init>(Connections.java:97)
   at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Pool.java:114)
   at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(LdapPoolManager.java:310)
   at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1572)
   at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2652)
   at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
   at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
   at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
   at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
   at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
   at javax.naming.InitialContext.init(InitialContext.java:223)
   at javax.naming.InitialContext.<init>(InitialContext.java:197)
   at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:105)
   … 49 more
Caused by: java.net.ConnectException: Connection timed out
   at java.net.PlainSocketImpl.socketConnect(Native Method)
   at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
   at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
   at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
   at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
   at java.net.Socket.connect(Socket.java:525)
   at java.net.Socket.connect(Socket.java:475)
   at java.net.Socket.<init>(Socket.java:372)
   at java.net.Socket.<init>(Socket.java:186)
   at com.sun.jndi.ldap.Connection.createSocket(Connection.java:352)
   at com.sun.jndi.ldap.Connection.<init>(Connection.java:187)
   … 67 more

Following are the configuration files changed :-
ldap config file in /usr/local/etc/openldap/slapd.conf
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/corba.schema
include         /usr/local/etc/openldap/schema/dyngroup.schema
include         /usr/local/etc/openldap/schema/java.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /usr/local/etc/openldap/schema/openldap.schema
include         /usr/local/etc/openldap/schema/ppolicy.schema


# Define global ACLs to disable default read access.



# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org
loglevel 264
pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/local/libexec/openldap
# moduleload    back_bdb.la
# moduleload    back_hdb.la
# moduleload    back_ldap.la

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
# TLS options
TLSCipherSuite HIGH:MEDIUM
TLSCertificateFile /usr/local/etc/openldap/slapd-cert.pem
TLSCertificateKeyFile /usr/local/etc/openldap/slapd-key.pem
#######################################################################
# BDB database definitions
#######################################################################

database        bdb
suffix          "dc=example,dc=com"
rootdn          "cn=root,dc=example,dc=com"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
rootpw          {SSHA}xKWKtki8BlF9S8QtxVM0EqUg7e/hCq97
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /usr/local/var/openldap-data
mode 0600
# Indices to main indexes
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub
# SASL mappings for md5 digest authentication
# Extract the user id and use as the search key

authz-regexp
   uid=([^,]*),cn=digest-md5,cn=root
   ldap:///dc=example,dc=com??one?(uid=$1)

authz-regexp
   uid=([^,]*),cn=example.com,cn=digest-md5,cn=root
   ldap:///dc=example,dc=com??one?(uid=$1)


Configuration files in Alfresco :-
1) /opt/Alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/changes.properties
     #
    # LDAP Sync
    #
    # This flag enables use of this LDAP subsystem for authentication. It may be
    # that this subsytem should only be used for synchronization, in which case
    # this flag should be set to false.
   
    ldap.authentication.active=false
    ldap.authentication.java.naming.security.authentication=simple

    # This flag enables use of this LDAP subsystem for user and group
    # synchronization. It may be that this subsystem should only be used for
    # authentication, in which case this flag should be set to false.

    ldap.synchronization.active=true
    ldap.authentication.userNameFormat=%s
    ldap.authentication.allowGuestLogin=true

    # (example specific property)
    ldap.authentication.java.naming.provider.url=ldap://192.0.32.10:389/dc=example,dc=com

    # The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
    # (example specific property)
    ldap.synchronization.java.naming.security.principal=cn=root,dc=example,dc=com

    # The password for the default principal (only used for LDAP sync)
    # (example specific property)
    ldap.synchronization.java.naming.security.credentials={SSHA}xKWKtki8BlF9S8QtxVM0EqUg7e/hCq97

    # If positive, this property indicates that RFC 2696 paged results should be
    # used to split query results into batches of the specified size. This
    # overcomes any size limits imposed by the LDAP server.
    ldap.synchronization.queryBatchSize=1000

    # The query to select all objects that represent the groups to import.
    # (example specific property)
    ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf\=cn\=Alfresco Groups,ou\=user,dc\=example,dc\=com))

    # The query to select objects that represent the groups to import that have changed since a certain time.
    # (example specific property)
    ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf\=cn\=Alfresco Groups,ou\=user,dc\=example,dc\=com)(!(modifyTimestamp<\={0})))

    # The query to select all objects that represent the users to import.
    # (example specific property)
    ldap.synchronization.personQuery=(&(objectclass\=user)(|(memberOf\=CN\=Developers,OU\=user,DC\=example,DC\=com)

(memberOf\=CN\=Sales,OU\=user,DC\=example,DC\=com))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

    # The query to select objects that represent the users to import that have changed since a certain time.
    # (example specific property)
    ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(|(memberOf\=CN\=Developers,OU\=user,DC\=example,DC\=com)

(memberOf\=CN\=Sales,OU\=user,DC\=example,DC\=com))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))

    # The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
    # (example specific property)
    ldap.synchronization.groupSearchBase=dc\=example,dc\=com

    # The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
    # (example specific property)
    ldap.synchronization.userSearchBase=dc\=example,dc\=com

    # The name of the operational attribute recording the last update time for a group or user.
    ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp

    # The timestamp format. Unfortunately, this varies between directory servers.
    ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'

    # The attribute name on people objects found in LDAP to use as the uid in Alfresco
    ldap.synchronization.userIdAttributeName=sAMAccountName

    # The attribute on person objects in LDAP to map to the first name property in Alfresco
    ldap.synchronization.userFirstNameAttributeName=givenName

    # The attribute on person objects in LDAP to map to the last name property in Alfresco
    ldap.synchronization.userLastNameAttributeName=sn

    # The attribute on person objects in LDAP to map to the email property in Alfresco
    ldap.synchronization.userEmailAttributeName=mail

    # The attribute on person objects in LDAP to map to the organizational id property in Alfresco
    ldap.synchronization.userOrganizationalIdAttributeName=company

    # The default home folder provider to use for people created via LDAP import
    ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

    # The attribute on LDAP group objects to map to the gid property in Alfrecso
    ldap.synchronization.groupIdAttributeName=cn

    # The group type in LDAP
    ldap.synchronization.groupType=group

    # The person type in LDAP
    ldap.synchronization.personType=user

    # The attribute in LDAP on group objects that defines the DN for its members
    ldap.synchronization.groupMemberAttributeName=member

    synchronization.synchronizeChangesOnly=true
2) /opt/Alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/passthru/passthru1/changes.properties
passthru.authentication.useLocalServer=false
passthru.authentication.domain=
# (domain specific property): NetBIOS name of your domain and
# domain controller.s IP address, add more separated by comm
passthru.authentication.servers=DOMAIN\\192.0.32.10,example.com
ntlm.authentication.sso.enabled=true
alfresco.authentication.allowGuestLogin=false
ntlm.authentication.mapUnknownUserToGuest=false
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=false
passthru.authentication.guestAccess=false
# (domain specific property): list of usernames from AD
# that are to be Alfresco administrators
passthru.authentication.defaultAdministratorUserNames=admin,root

Please somebody help me,were am i going wrong..Smiley Sad
Labels:
0 Kudos
9 REPLIES 9

dward
Champ on-the-rise
Champ on-the-rise

‎07-20-2010 06:22 AM

The specified LDAP server is not reachable from the Alfresco server.

Make sure that you can

ping 192.0.32.10

And is the LDAP server listening on port 389 and is port 389 not being blocked by a firewall? Test this with

telnet 192.0.32.10 389

If it fails to connect there is something wrong with your network and/or firewall configuration. Otherwise, press Ctrl+D to exit.
0 Kudos

dward
Champ on-the-rise
Champ on-the-rise

‎07-20-2010 06:26 AM

Did you say Alfresco is on the same server as the LDAP server? If so, try localhost instead of 192.0.32.10.
0 Kudos

efestione
Champ in-the-making
Champ in-the-making

‎07-20-2010 06:27 AM

Try to substitute:

ldap.authentication.java.naming.provider.url=ldap://192.0.32.10:389/dc=example,dc=com

with

ldap.authentication.java.naming.provider.url=ldap://localhost:389
0 Kudos

sandhya25186
Champ in-the-making
Champ in-the-making

‎07-20-2010 06:49 AM

Thanks alot guys for such a fast response..really appreciate it…

@dward : yes both are on same server and i am able to ping 192.0.32.10
but when i did telnet 192.0.32.10 389, it just waited saying

Trying 192.0.32.10…
then it just waits….

I am using ubuntu server… and have not specified any firewall settings…

Yet…..I tried the localhost instead of ip address..and  now it is giving following error :-
LDAP authentication failed.
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:110)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:85)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:76)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:648)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:645)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:540)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:407)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:1360)
   at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1354)
   at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627)
   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:516)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
   at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
   at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
   at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
   at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
   at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
   at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
   at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
   at javax.naming.InitialContext.init(InitialContext.java:223)
   at javax.naming.InitialContext.<init>(InitialContext.java:197)
   at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:105)
   … 49 more
10:45:07,795 WARN  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Failed initial synchronize with user registries
org.alfresco.repo.security.authentication.AuthenticationException: 06200001 LDAP authentication failed.
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:110)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:85)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:76)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:648)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:645)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:540)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:407)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:1360)
   at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1354)
   at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:627)
   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:516)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
   at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
   at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
   at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
   at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
   at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
   at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
   at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
   at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
   at javax.naming.InitialContext.init(InitialContext.java:223)
   at javax.naming.InitialContext.<init>(InitialContext.java:197)
   at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:105)
   … 49 more
10:45:07,799 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronizat

it clearly shows that the credentials are going wrong somewhere…but which credentials?????
any ideas on this one???
0 Kudos

dward
Champ on-the-rise
Champ on-the-rise

‎07-20-2010 07:14 AM

You need to set these properties to the correct value. I don't think th {SSHA} format you have used will work. Just specify the password directly.

ldap.synchronization.java.naming.security.principal=cn=root,dc=example,dc=com
ldap.synchronization.java.naming.security.credentials={SSHA}xKWKtki8BlF9S8QtxVM0EqUg7e/hCq97
0 Kudos

sandhya25186
Champ in-the-making
Champ in-the-making

‎07-20-2010 07:30 AM

But @dward I am using the same credentials as written in /usr/local/etc/openldap/slapd.conf (attached in 1st post)   :?

I even changed it to "secret" both in the slapdconf file as well as ldap1/changes.properties…still the same error….  Smiley Indifferent
0 Kudos

dward
Champ on-the-rise
Champ on-the-rise

‎07-20-2010 07:40 AM

But @sandhya25186 you can't expect java.util.Properties to understand the same encoding format as slapd.conf
0 Kudos

dward
Champ on-the-rise
Champ on-the-rise

‎07-20-2010 07:42 AM

Can you take all that SASL mapping stuff out of slapd.conf? You don't need that unless you are trying MD5-DIGEST authentication. Just restore slapd.conf back to its default.
0 Kudos

sandhya25186
Champ in-the-making
Champ in-the-making

‎07-26-2010 04:05 AM

ok guys… now ive been able to start alfresco without any errors from ldap….

following is the configured slapd.conf file :-
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include          /usr/local/etc/openldap/schema/cosine.schema
include          /usr/local/etc/openldap/schema/nis.schema
include          /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args
loglevel        296
modulepath      /usr/lib/ldap
moduleload      back_hdb
sizelimit       500
tool-threads    1
backend         hdb

database        config
rootdn          "cn=admin,cn=config"
rootpw          config

database        hdb
suffix          "dc=macif-lfn,dc=com"
directory       "/usr/local/var/openldap-data"
dbconfig        set_cachesize 0 2097152 0
dbconfig        set_lk_max_objects 1500
dbconfig        set_lk_max_locks 1500
dbconfig        set_lk_max_lockers 1500
index           objectClass eq
lastmod         on
checkpoint      512 30

TLSCertificateFile     /etc/ldap/slapd-cert.pem
TLSCertificateKeyFile  /etc/ldap/slapd-key.pem
TLSCACertificateFile   /etc/ldap/slapd-cert.pem
rootdn          "cn=admin,dc=macif-lfn,dc=com"
rootpw          secret

access to *
        by * write

and tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap-ad1/changes.properties
  #
    # LDAP Sync
    #
    # This flag enables use of this LDAP subsystem for authentication. It may be
    # that this subsytem should only be used for synchronization, in which case
    # this flag should be set to false.
    ldap.authentication.active=false
    ldap.authentication.java.naming.security.authentication=simple

    # This flag enables use of this LDAP subsystem for user and group
    # synchronization. It may be that this subsystem should only be used for
    # authentication, in which case this flag should be set to false.
    ldap.synchronization.active=true
    ldap.authentication.userNameFormat=%s
    ldap.authentication.allowGuestLogin=true
    # (macif-lfn specific property)
    ldap.authentication.java.naming.provider.url=ldap://localhost:389

    # The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
    # (macif-lfn specific property)
    ldap.synchronization.java.naming.security.principal=cn=admin,dc=macif-lfn,dc=com

    # The password for the default principal (only used for LDAP sync)
    # (macif-lfn specific property)
    ldap.synchronization.java.naming.security.credentials=secret

    # If positive, this property indicates that RFC 2696 paged results should be
    # used to split query results into batches of the specified size. This
    # overcomes any size limits imposed by the LDAP server.
    ldap.synchronization.queryBatchSize=1000

    # The query to select all objects that represent the groups to import.
    # (macif-lfn specific property)
    ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf\=cn\=Alfresco Groups,ou\=user,dc\=macif-lfn,dc\=com))

    # The query to select objects that represent the groups to import that have changed since a certain time.
    # (macif-lfn specific property)
    ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf\=cn\=Alfresco Groups,ou\=user,dc\=macif-lfn,dc\=com)(!(modifyTimestamp<\={0})))

    # The query to select all objects that represent the users to import.
    # (macif-lfn specific property)
    ldap.synchronization.personQuery=(&(objectclass\=user)(|(memberOf\=CN\=Developers,OU\=user,DC\=macif-lfn,DC\=com)(memberOf\=CN\=Sales,OU\=user,DC\=macif-lfn,DC\=com))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

    # The query to select objects that represent the users to import that have changed since a certain time.
    # (macif-lfn specific property)
    ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(|(memberOf\=CN\=Developers,OU\=user,DC\=macif-lfn,DC\=com)(memberOf\=CN\=Sales,OU\=user,DC\=macif-lfn,DC\=com))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))
…..


now the only problem is that… which username/password to use in order to login???
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC