Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alfresco 5.0a Active Directory sync works but no login possible

lw3234
Champ in-the-making
Champ in-the-making

‎10-07-2014 05:16 AM

Hi everybody,

I recently set up Alfresco 5.0a in a clean install of Ubuntu 14.04 LTS for testing purpose. I managed to get the active directory integration working as far as all users and groups a specified show up in Alfresco Admin-Tools when logged in with the local admin account.

However, if I try to login with an AD user, which has been, according to the alfresco logs successfully been synced before, I get an error on the login page and nothing more.

Since there is no error in connecting with AD or retrieving users etc. I have no idea where to start searching for the probleme with siging in here.

Thank you for your help !

Cheers,
Ludwig

Labels:
0 Kudos
6 REPLIES 6

mrogers
Star Contributor
Star Contributor

‎10-07-2014 06:47 AM

Have you turned on authentication?   What are your settings?
0 Kudos

lw3234
Champ in-the-making
Champ in-the-making
In response to mrogers

‎10-07-2014 06:59 AM

Authentication via AD is turned off; the authentication-chain is set to be alfrescoNtlm1:alfrescoNtlm,passthru1Smiley Tongueassthru,ldap1:ldap-ad.

Settings are as follows:

alfrescoNtlm1
    ntlm.authentication.sso.enabled=false
    alfresco.authentication.authenticateCIFS=false
passthru1
    ntlm.authentication.sso.enabled=true
    passthru.authentication.authenticateCIFS=true
ldap1
    ldap.authentication.active=false
    ldap.synchronization.active=true


The ubuntu server is a domain member via samba and winbind where authentication on networkshares works fine.



0 Kudos

mrogers
Star Contributor
Star Contributor

‎10-07-2014 07:23 AM

You have authentication turned off!   So you can't authenticate.

ldap.authentication.active=false   
0 Kudos

lw3234
Champ in-the-making
Champ in-the-making
In response to mrogers

‎10-07-2014 07:28 AM

Shouldn't be the authentication passed over then via pass-through automatically ?
Iam referring to the alfresco wiki here: https://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems#Example_1:_Advanced_AD_Chain


Let me put it another way round. What I want to achieve is:

- AD synchronisation of specific users and groups
- Authentication for alfresco web and CIFS with that users

Since AD authentication cannot be used for CIFS I need to use either pass-through or Kerberos to accomplish that.

Regarding "best practices" what is the better solution ? Using pass-through or kerberos for authentication ?
0 Kudos

mrogers
Star Contributor
Star Contributor

‎10-07-2014 09:30 AM

AFAIK Kerberos is the only recommended way of authenticating for CIFS.   (I've not investigated in the last year or so) 

So your issue is actually with passthrough authentication.    And you have a fairly tricky config since your server is not on windows so if you post details here someone may be able to help.   
0 Kudos

lw3234
Champ in-the-making
Champ in-the-making
In response to mrogers

‎10-07-2014 12:45 PM

Just solved this issue. In fact it was just a stupid missconfiguration of the parameter "passthru.authentication.servers=" where the wrong server was set since the file was copied from an older setup.

Thank you for your help !

Cheers
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC