cancel
Showing results for 
Search instead for 
Did you mean: 

alfresco 4.0d ldap-ad not working

xixi999
Champ in-the-making
Champ in-the-making
New default install community 4.0d on ubuntu 10.04

follow the the  instruction
https://forums.alfresco.com/en/viewtopic.php?f=9&t=41548

in Alfresco/tomcat/shared/classes
put this line into alfresco-global.properties file
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

Created both path and file
Alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1/ldap-ad-authentication.propertie


ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@YOURDOMAINHERE
ldap.authentication.java.naming.provider.url=ldap://IP:389
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco,yourusername
ldap.synchronization.java.naming.security.principal=alfresco@YOURDOMAINHERE.com
ldap.synchronization.java.naming.security.credentials=*************
ldap.synchronization.groupSearchBase=cn=someOU,dc=YOURDOMAIN,dc=COM
ldap.synchronization.userSearchBase=cn=someOU,dc=YOURDOMAIN,dc=COM

Now I can't login with the AD user.

But same config file working fine with 4.0c.
6 REPLIES 6

xixi999
Champ in-the-making
Champ in-the-making
15:28:04,355  ERROR [extensions.webscripts.AbstractRuntime] [http-8080-38] Exception from executeScript - redirecting to status template error: 01210006 Login failed
org.springframework.extensions.webscripts.WebScriptException: 01210006 Login failed
   at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)
   at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)
   at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235)
   at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)
   at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393)
   at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388)
   at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462)
   at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500)
   at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:275)
   at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372)
   at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209)
   at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
   at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
   at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
   at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
   at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
   at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
   at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
   at java.lang.Thread.run(Thread.java:662)
2012-02-21 15:28:11,167  ERROR [extensions.webscripts.AbstractRuntime] [http-8080-49] Exception from executeScript - redirecting to status template error: 01210007 Login failed
org.springframework.extensions.webscripts.WebScriptException: 01210007 Login failed
   at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)
   at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)
   at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235)
   at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)
   at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393)
   at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388)
   at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462)
   at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500)
   at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:275)
   at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372)
   at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209)
   at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118)
   at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
   at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
   at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
   at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
   at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:857)
   at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:588)
   at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
   at java.lang.Thread.run(Thread.java:662)

dranakan
Champ on-the-rise
Champ on-the-rise
Hello,

Please use code tags to post log…

Copy paste error ? File is .propertieS
/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1/ldap-ad-authentication.propertie

mrogers
Star Contributor
Star Contributor
There's no need to faff with a subsystem over-ride if you only have one AD to connect to.   Just stick your settings in alfresco-global.properties.

xixi999
Champ in-the-making
Champ in-the-making
thanks dranakan
It's a type error, file name is .properties.

xixi999
Champ in-the-making
Champ in-the-making
thanks mrogers , I removed the ldap1 folder, add ldap setting in the alfresco-global.properties. Now the AD user can login, but I still got some errors  from the log file. I must missing something in the setting. please help…

Retrieving all groups from user registry 'ldap1'
2012-02-23 09:28:09,410  ERROR [security.sync.ChainingUserRegistrySynchronizer] [main] Synchronization aborted due to error
org.alfresco.repo.security.authentication.AuthenticationException: 01230003 LDAP authentication failed.
   at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:119)
   
(Bootstrap.java:414)
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece


Bootstrap.java:414)
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece

extensions.webscripts.DeclarativeRegistry] [main] Unable to register script classpath:webscripts/org/springframework/extensions/cmis/content.get.desc.xml due to error: 01230000 Web Script document org/springframework/extensions/cmis/content.get.desc.xml is attempting to define the url '/cmis/content:GET' already defined by org/alfresco/cmis/client/content.get.desc.xml
2012-02-23 09:28:17,044

[security.sync.ChainingUserRegistrySynchronizer] [http-8080-14] Retrieving all groups from user registry 'ldap1'
2012-02-23 09:33:42,041  ERROR [security.sync.ChainingUserRegistrySynchronizer] [http-8080-14] Synchronization aborted due to error
org.alfresco.repo.security.authentication.AuthenticationException: 01230016 LDAP authentication failed.
   at

huzefa
Champ in-the-making
Champ in-the-making
Thanks mrogers ,
Your suggestion worked!
I removed the ldap1 folder and added my ldap-ad settings in the alfresco-global.properties file.

Remember to escape any backslashes in the entries, it took me a while to figure out that <domain>\<username> should be <domain>\\<username>!