Alfresco 4.0.d and Active Directory synchronization

Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-21-2012 10:24 AM
Hi,
I've followed a lot of tutorials and book and I cannot find a way to make synchronization work.
the errors that I have are :
And my ldap-ad1 file :
I don't understand what is wrong. Someone can help me ?
Best regards,
I've followed a lot of tutorials and book and I cannot find a way to make synchronization work.
the errors that I have are :
2012-09-21 11:47:43,930 INFO [web.site.EditionInterceptor] [http-bio-8080-exec-1] Successfully retrieved license information from Alfresco. 2012-09-21 11:48:35,261 INFO [security.sync.ChainingUserRegistrySynchronizer] [http-bio-8080-exec-52] Synchronizing users and groups with user registry 'ldap-ad1' 2012-09-21 11:48:35,264 INFO [security.sync.ChainingUserRegistrySynchronizer] [http-bio-8080-exec-52] Retrieving all groups from user registry 'ldap-ad1' 2012-09-21 11:48:35,266 ERROR [security.sync.ChainingUserRegistrySynchronizer] [http-bio-8080-exec-52] Synchronization aborted due to error org.alfresco.repo.security.authentication.AuthenticationException: 08210033 LDAP authentication failed. at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:119) at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:94) at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:87) at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:670) at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:667) at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:632) at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:435) at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.createMissingPerson(ChainingUserRegistrySynchronizer.java:545) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.alfresco.repo.management.subsystems.SubsystemProxyFactory$1.invoke(SubsystemProxyFactory.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy76.createMissingPerson(Unknown Source) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback$1.doWork(AbstractAuthenticationComponent.java:531) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback$1.doWork(AbstractAuthenticationComponent.java:521) at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:519) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback.execute(AbstractAuthenticationComponent.java:520) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback.execute(AbstractAuthenticationComponent.java:509) at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.setCurrentUser(AbstractAuthenticationComponent.java:221) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.setCurrentUser(AbstractAuthenticationComponent.java:190) at org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl.authenticateImpl(LDAPAuthenticationComponentImpl.java:126) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.authenticate(AbstractAuthenticationComponent.java:158) at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:65) at org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService.authenticate(AbstractChainingAuthenticationService.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy62.authenticate(Unknown Source) at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:66) at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73) at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235) at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64) at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393) at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388) at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462) at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500) at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:275) at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372) at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209) at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118) at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:722)Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307) at javax.naming.InitialContext.init(InitialContext.java:242) at javax.naming.InitialContext.<init>(InitialContext.java:216) at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101) at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:114) … 76 more2012-09-21 11:48:35,272 WARN [security.sync.ChainingUserRegistrySynchronizer] [http-bio-8080-exec-52] User authenticated but failed to sync with user registry org.alfresco.repo.security.authentication.AuthenticationException: 08210033 LDAP authentication failed. at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:119) at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:94) at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:87) at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:670) at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:667) at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:632) at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:435) at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.createMissingPerson(ChainingUserRegistrySynchronizer.java:545) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.alfresco.repo.management.subsystems.SubsystemProxyFactory$1.invoke(SubsystemProxyFactory.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy76.createMissingPerson(Unknown Source) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback$1.doWork(AbstractAuthenticationComponent.java:531) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback$1.doWork(AbstractAuthenticationComponent.java:521) at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:519) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback.execute(AbstractAuthenticationComponent.java:520) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent$FixCurrentUserCallback.execute(AbstractAuthenticationComponent.java:509) at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.setCurrentUser(AbstractAuthenticationComponent.java:221) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.setCurrentUser(AbstractAuthenticationComponent.java:190) at org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl.authenticateImpl(LDAPAuthenticationComponentImpl.java:126) at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.authenticate(AbstractAuthenticationComponent.java:158) at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:65) at org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService.authenticate(AbstractChainingAuthenticationService.java:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy62.authenticate(Unknown Source) at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:66) at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73) at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235) at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64) at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393) at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388) at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462) at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500) at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:275) at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372) at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209) at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118) at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:722)Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2835) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2749) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:316) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:307) at javax.naming.InitialContext.init(InitialContext.java:242) at javax.naming.InitialContext.<init>(InitialContext.java:216) at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101) at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:114) … 76 more
And my ldap-ad1 file :
ldap.authentication.active=trueldap.authentication.allowGuestLogin=falseldap.authentication.userNameFormat=%s@mydomain.global.comldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.provider.url=ldap://ADSERVER:389ldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.defaultAdministratorUserNames=adminuserldap.synchronization.active=trueldap.synchronization.java.naming.security.authentication=simpleldap.synchronization.java.naming.security.principal=CN=alfresco sync account,OU=OneGroup,OU=MasterGroup,DC=mydomain,DC=global,DC=comldap.synchronization.java.naming.security.credentials=Passwordldap.synchronization.queryBatchSize=1000ldap.synchronization.attributeBatchSize=1000ldap.synchronization.groupQuery=(objectclass\=group)ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))ldap.synchronization.groupSearchBase=DC\=mydomain,DC\=global,DC\=comldap.synchronization.userSearchBase=DC\=mydomain,DC\=global,DC\=comldap.synchronization.modifyTimestampAttributeName=modifyTimestampldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'ldap.synchronization.userIdAttributeName=sAMAccountNameldap.synchronization.userFirstNameAttributeName=givenNameldap.synchronization.userLastNameAttributeName=snldap.synchronization.userEmailAttributeName=mailldap.synchronization.userOrganizationalIdAttributeName=companyldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProviderldap.synchronization.groupIdAttributeName=cnldap.synchronization.groupDisplayNameAttributeName=displayNameldap.synchronization.groupType=groupldap.synchronization.personType=userldap.synchronization.groupMemberAttributeName=memberldap.synchronization.enableProgressEstimation=true
I don't understand what is wrong. Someone can help me ?
Best regards,
Labels:
- Labels:
-
Archive
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-02-2012 09:26 AM
I had a lot more success once I put the config into alfresco-global.properties in ./tomcat/shared/classes (using ubuntu 10.04 lts)
Do you need to sync with more than one ldap server? if not then put it in alfresco-global.properties.
What type ldap is this? Active Directory or another? My experience is with AD. Took me about a month to get ldap sync and kerberos SSO working but worth it in the end…
Do you need to sync with more than one ldap server? if not then put it in alfresco-global.properties.
What type ldap is this? Active Directory or another? My experience is with AD. Took me about a month to get ldap sync and kerberos SSO working but worth it in the end…
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-02-2012 09:30 AM
"AuthenticationException: [LDAP: error code 49 - Invalid Credentials] Cause: The DN path or password which you have specified for the administrator is invalid."
I notice you have a space in the ldap username - no idea if this makes a difference but I always use service accounts with no spaces in, to avoid having to escape any characters (in case that is required - no idea)
Otherwise check the ad account isnt locked out, doesnt expire and that creds are correct. if necessary log in as that account on your domain somewhere. From your posted ldap-ad1 settings I would venture you are using AD.
I notice you have a space in the ldap username - no idea if this makes a difference but I always use service accounts with no spaces in, to avoid having to escape any characters (in case that is required - no idea)
Otherwise check the ad account isnt locked out, doesnt expire and that creds are correct. if necessary log in as that account on your domain somewhere. From your posted ldap-ad1 settings I would venture you are using AD.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-02-2012 09:32 AM
Oh, I know its adobe's site, but LDAP advice available here:
http://helpx.adobe.com/legacy/kb/ldap-troubleshooting.html
I also recommend you grab a copy of Softerra Ldap browser, very useful for working out search bases etc.
You may also wish to enable audit failure logging on the AD server you are auth'ing against to see if/why auth is failing from the windows events log.
Good luck!
http://helpx.adobe.com/legacy/kb/ldap-troubleshooting.html
I also recommend you grab a copy of Softerra Ldap browser, very useful for working out search bases etc.
You may also wish to enable audit failure logging on the AD server you are auth'ing against to see if/why auth is failing from the windows events log.
Good luck!
