
Alfresco Community 5.0 with AD

karthikjaps
Champ in-the-making
Hi, I am new to Alfresco. I have just installed Alfresco Community 5.0 on my machine and am testing integrating my AD users with it. I tried some links that are available on the site, but now I am confused. Can anyone please share some documentation for AD integration with this current version?

I have a doubt about the following:

1- While adding "authentication.chain=ldap-ad1:ldap-ad,alfrescoNtlm1:alfrescoNtlm" in repository.properties: this repository.properties does not exist in the current version, so I have to add it in the following location, right?

/opt/alfresco-5.0.d/tomcat/shared/classes# nano alfresco-global.properties


2- Then I have to create a folder in tomcat/webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication

ldap-ad-authentication.properties file in the ldap-ad folder, right?


3- Then in ldap-ad-authentication.properties I add the following details for my AD integration. Is this correct?




ldap.authentication.active=true
ldap.authentication.userNameFormat=uid=%s,dc=example,dc=demo,dc=com
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.java.naming.provider.url=ldap://192.168.1.1:389

ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=administrator


ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=cn=reader,cn=users,dc=example,dc=demo,dc=com
ldap.synchronization.java.naming.security.credentials=13061111

ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000

ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.personQuery=(objectclass\=user)


ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=dc=example,dc=demo,dc=com
ldap.synchronization.userSearchBase=dc=example,dc=demo,dc=com

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName



Is this correct, or is there anything I missed?
3 REPLIES

tybion
Champ in-the-making
I have recently set up LDAP authentication on 2 Alfresco servers - 5.0.d and 4.2 - using exactly the same config files.
I only needed to edit 2 files:
1. /opt/alfresco-5.0.d/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/ldap-authentication.properties
2. /opt/alfresco-5.0.d/tomcat/shared/classes/alfresco-global.properties

I wrote a blog - and although it is for LDAP (not AD), it might be of some help.

http://geofoss.net/category/alfresco/

Please let me know if it helps.

karthikjaps
Champ in-the-making
Thanks tybion. Are the AD and LDAP configurations the same, or do I have to change something?

tybion
Champ in-the-making
AD and LDAP will be similar, but not the same.

I suggest you download the Alfresco source from https://github.com/Alfresco/community-edition/archive/master.zip
and use the example ldap-ad-authentication.properties file in there - most of this will be correct - check every value in the file to see if it needs to be customised - e.g. authentication username and password need to be customised

I found the example properties file at this location in the downloaded source:
alf_src/community-edition-master/projects/repository/config/alfresco/subsystems/Authentication/ldap-ad/ldap-ad-authentication.properties

The alfresco-global.properties file will also be different to my LDAP config.
Refer to the Alfresco manual - http://docs.alfresco.com/5.0/tasks/auth-example-oneldap-ad.html - but you might still want to use my synchronization options while testing.
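
An added example, not part of the thread and not Alfresco code: a small Python check for a subsystem properties file of the kind discussed above, flagging mistyped key prefixes, LDAP filters with unbalanced parentheses, and a simple bind over plain `ldap://`. The names `lint` and `balanced`, the sample text, the simplified key=value parsing and the rule that every key starts with `ldap.` are assumptions made for this illustration.

```python
# Constructed sample modelled on the properties in the question; the address is a placeholder.
SAMPLE = r"""ldap.authentication.active=true
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.java.naming.provider.url=ldap://192.0.2.10:389
dap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0}))
"""

URL_KEY = "ldap.authentication.java.naming.provider.url"
MECH_KEY = "ldap.authentication.java.naming.security.authentication"


def balanced(ldap_filter):
    """True if every '(' in the filter has a matching ')'."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0


def lint(text):
    """Return (line, key, message) findings for a key=value properties text."""
    props, findings = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#!":          # blank line or comment
            continue
        key, _, value = line.partition("=")      # keys here never contain '='
        key, value = key.strip(), value.strip().replace("\\=", "=")
        props[key] = (n, value)
        # Assumption: every setting in this subsystem file starts with "ldap."
        if not key.startswith("ldap."):
            findings.append((n, key, "key does not start with 'ldap.' (typo?)"))
        if key.endswith("Query") and not balanced(value):
            findings.append((n, key, "unbalanced parentheses in LDAP filter"))
    n, url = props.get(URL_KEY, (0, ""))
    _, mech = props.get(MECH_KEY, (0, ""))
    if url.lower().startswith("ldap://") and mech == "simple":
        findings.append((n, URL_KEY, "simple bind over ldap:// is not encrypted"))
    return findings


if __name__ == "__main__":
    for line_no, key, message in lint(SAMPLE):
        print(f"line {line_no}: {key}: {message}")
```

The last finding matters because the user's password and the synchronization account's password both cross the network in the bind; an `ldaps://` URL to a directory server with a trusted certificate avoids that.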