Hyland Connect

mkramer2 · ‎04-24-2013

Dear forum,

I've recently started with an alfresco deployment at a university in germany and am battling with the authentication mechanisms.

The local directory service is OpenLDAP. Passwords are stored as hashes in LDAP. I would really like to use the CIFS functionality of Alfresco.
I will not be able to do that via OpenLDAP as authenticating instance.

If I use the syncing option and do not use the authentication option, does it actually replicate my directory into Alfresco and create local accounts with the password hashes saved as well? Would I be able to authenticate locally and thus use the CIFS server?

If so:
It will probably be a tough case to sell to our Directory Admin. So I need to know about the security of it all.
Where and how are the passwords stored? How safe is it to sync all users from the directory?

morrison1977 · ‎04-24-2013

Hey, I've got Alfresco 4.2c running at the University of Indianapolis, and I've setup authentication to our Red Hat 389 Directory Server, but I have not been able to get CIFS working.
I posted a similar question but got nothing in way of response. Sadly our main initiative for Alfresco was to be as a replacement for Samba and without that working the project has now been put on the shelf.
Good Luck.

http://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-ldap...

mkramer2 · ‎04-25-2013

CIFS works fine here, though only with local users. Have you thought about embedding a Kerberos KDC into your directory structure?
It should work fine with Kerberos.
Have you tried other authentication options?

mrogers · ‎04-25-2013

To answer th op's question. No sync does not create authentication details within alfresco. Sync is independent of authentication and works on person and group objects only.

Hyland Connect

Does an LDAP Sync create AlfrescoNTLM accounts?