Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Configure LDAP (only membersOf a group AD)

sergio1024
Champ in-the-making
Champ in-the-making

‎01-11-2010 09:58 AM

Hello,

First sorry for my english…I'm french..
I'm trying Alfresco (ubuntu package) in ubuntu server 9.10.

I have some questions ….:

1.My configuation of LDAP authentication works but but I'd like to only allow users members of my Active Directory group (GR_ALFRESCO).
What line i have modify in the "ldap-ad-authentication.properties" If someone can explain the process …

I try to recover goups and users who are members of the group GR_ALFRESCO.
The group is in the UO:
mondomaine.com
- site1 (UO)
—- Groups (UO)
——– ALFRESCO (Group)

I changed the file ldap-ad-authentication.properties as follows:

# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com))

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com)(!(modifyTimestamp<\={0})))

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))

# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=memberOf\=cn\=ALFRESCO,ou\=Groups,ou\=site1,dc\=mondomaine,dc\=com

I have this error : javax.naming.InvalidNameException: memberOf=cn=ALFRESCO,ou=Groups,ou=site1,dc=mondomaine,dc=com [LDAP: error code 34 - 0000208F: NameErr: DSID-031001BA, problem 2006 (BAD_NAME).

an idea ?
Thanks for help.
Labels:
0 Kudos
1 REPLY 1

dward
Champ on-the-rise
Champ on-the-rise

‎01-12-2010 07:29 AM

You should use the memberof in the personQuery and personDifferentialQuery. See http://forums.alfresco.com/en/viewtopic.php?f=9&t=22151&p=72902#p72902
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC