Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Configuring LDAP Microsoft AD with Alfresco

merryo
Champ in-the-making
Champ in-the-making

‎03-30-2012 03:56 AM

Hi, Folks

I have installed Alfresco community 4.0 edition with all the default settings which are working f9. Now I want to configure microsoft AD with alfresco so that my users can be authenticated and syncronization shall done from microsoft AD. Can anyone help me how to do it. As i had gone through the documentation and did try it but no success. Highly appreciate if detailed configuration guide is shared with me.

Thanks
merryo
Labels:
0 Kudos
7 REPLIES 7

scouil
Star Contributor
Star Contributor

‎03-30-2012 10:24 AM

Hello,

Can you detail what documentation you used so that we can fix it if something's wrong with it?
Can you tell us what file you've modified? With what changes?
And maybe posting your log file would help.

I'd suggest you to look on the forum for similar issues, it's usually richer in experiences and details than the wiki.
You might wanna start with this one https://forums.alfresco.com/en/viewtopic.php?f=46&t=14737.
Or directly look at the last post https://forums.alfresco.com/en/viewtopic.php?f=46&t=14737&start=15#p116244 (sorry for the egocentric link to my own post). Forget about the rant in the first line of the post and the 3.4 version comment (it's the same system in the 4.0) and start at line4.

Good luck
0 Kudos

ashex
Champ in-the-making
Champ in-the-making

‎03-30-2012 04:25 PM

You'll need to give us more information about the problems you're having for us to help you Smiley Happy

Take a look at these resources:

http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems#LDAP

http://docs.alfresco.com/4.0/topic/com.alfresco.enterprise.doc/concepts/auth-ldap-intro.html
0 Kudos

unknown-user
Champ on-the-rise
Champ on-the-rise

‎04-13-2012 05:17 PM

I feel your pain, i spent yesterday afternoon and this morning figuring it out.

append the following to your global properties file (change your specific values, like server name, username etc)
### Authentication ###authentication.chain=passthru1:passthru,ldap-ad1:ldap-ad‍‍‍‍

### Passthru Config ###passthru.authentication.useLocalServer=falsepassthru.authentication.domain=passthru.authentication.servers=DOMAIN\\SERVER1.DOMAIN.COM,DOMAIN\\SERVER2.DOMAIN.COM,SERVER1.DOMAIN.COMpassthru.authentication.guestAccess=falsepassthru.authentication.defaultAdministratorUserNames=Administrator,admin#Timeout value when opening a session to an authentication server, in millisecondspassthru.authentication.connectTimeout=5000#Offline server check interval in secondspassthru.authentication.offlineCheckInterval=300passthru.authentication.protocolOrder=NetBIOS,TCPIPpassthru.authentication.authenticateCIFS=truepassthru.authentication.authenticateFTP=truentlm.uthentication.sso.enabled=falsentlm.authentication.mapUnknownUserToGuest=false‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍


### LDAP-AD Auth ###ldap.authentication.active=falseldap.authentication.allowGuestLogin=falseldap.authentication.userNameFormat=%s@domainldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.provider.url=ldap://server1.domain.com:389ldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.defaultAdministratorUserNames=Administrator,admin‍‍‍‍‍‍‍‍‍‍‍‍


### LDAP-AD Synch ###ldap.synchronization.active=trueldap.synchronization.java.naming.security.authentication=simpleldap.synchronization.java.naming.security.principal=administrator@domain.comldap.synchronization.java.naming.security.credentials=your-admin-passwordldap.synchronization.queryBatchSize=1000ldap.synchronization.attributeBatchSize=1000ldap.synchronization.groupQuery=(objectclass\=group)ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))ldap.synchronization.groupSearchBase=ou\=MyGroups,ou\=MyCompany,dc=domain,dc=comldap.synchronization.userSearchBase=ou\=MyUsers,ou\=MyCompany,dc=domain,dc=comldap.synchronization.modifyTimestampAttributeName=modifyTimestampldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'ldap.synchronization.userIdAttributeName=sAMAccountNameldap.synchronization.userFirstNameAttributeName=givenNameldap.synchronization.userLastNameAttributeName=snldap.synchronization.userEmailAttributeName=mailldap.synchronization.userOrganizationalIdAttributeName=companyldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProviderldap.synchronization.groupIdAttributeName=cnldap.synchronization.groupDisplayNameAttributeName=displayNameldap.synchronization.groupType=groupldap.synchronization.personType=userldap.synchronization.groupMemberAttributeName=memberldap.synchronization.enableProgressEstimation=true‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍


With the above i was able to use passthru authentication against AD and to sync the user information from AD. My problem was understanding the "passthru.authentication.servers" directive as explained in the docs, once i got it, i was able to set it up correctly.
0 Kudos

arunkumar_p
Champ in-the-making
Champ in-the-making

‎11-01-2014 09:59 AM

Hi guys,i am new to Alfresco,i have installed Alfresco community edition 5.0 i am unable to sync with Active Directory.So any one help me to bring the output soon.
Is there a possible to sync with Active directory in Alfresco community edition 5.0?

Regards,
Arunkumar.p
0 Kudos

vignesh_sabapat
Champ in-the-making
Champ in-the-making
In response to arunkumar_p

‎11-03-2014 11:07 AM

Please provide your configuration to look for issues. Also you can enable debugging and look into log files for the reason for failure.
0 Kudos

olajohn
Champ in-the-making
Champ in-the-making
In response to vignesh_sabapat

‎04-24-2015 07:37 AM

Hi Vignesh. Can you please recommend a working signature addon for Alfresco 4.2f. I've spent several hour looking and test, but I could not get any to work. I will also appreciate a link to detail instruction to get such recommended solution working on Alfresco 4.2f (community)

Thanks.
0 Kudos

102020
Champ on-the-rise
Champ on-the-rise

‎11-04-2014 11:51 AM

https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/installation-upgra...
Just jump to the AD and SSO part. yw
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
Top