Hyland Connect

smkhawaja · ‎03-02-2010

Hi guys,

I am facing a strange issue.

I am using this ldap.authentication.userNameFormat as mentioned below
ldap.authentication.userNameFormat=CN=%s,ou=Alfresco_West,dc=dare,dc=local
in ldap authentication file
"/opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/ldap-authentication.properties"

Its really strange, few users are able to authenticate while others or not. Any idea why? or how can I troubleshoot it?

Thanks in advance.

Soh

dward · ‎03-02-2010

Add this to log4j.properties

log4j.logger.org.alfresco.repo.security.authentication=debug

What do you see in alfresco.log when one of the users tries to log in?

smkhawaja · ‎03-02-2010

Hi dward,
Thanks for replying here.

# find /opt/alfresco/ -name log4j.properties
/opt/alfresco/tomcat/webapps/share/WEB-INF/classes/log4j.properties
/opt/alfresco/tomcat/webapps/mobile/WEB-INF/classes/log4j.properties
/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties

I have added
log4j.logger.org.alfresco.repo.security.authentication=debug
in
/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties

I can't find the file alfresco.log?
# find /opt/alfresco/ -name alfresco.log
[root@alfOxf ~]#

Do I have to create it manually?

smkhawaja · ‎03-02-2010

Now when I start logging from Alfresco I get these logs in catalina.out


15:16:53,153  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Authenticating user "test0011"
15:16:53,164  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Setting the current user to "test0011"
15:16:53,164 User:test0011 DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] User "test0011" authenticated successfully
15:16:57,832  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Setting the current user to "test0011"
15:17:10,806  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Authenticating user "SVC_ALF"
15:17:10,810  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Setting the current user to "SVC_ALF"
15:17:10,810 User:SVC_ALF DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] User "SVC_ALF" authenticated successfully
15:17:14,219  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Setting the current user to "SVC_ALF"
15:17:30,073  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] Authenticating user "svc123"
15:17:30,075  DEBUG [authentication.ldap.LDAPAuthenticationComponentImpl] [b]Failed to authenticate user "svc123"[/b]
org.alfresco.repo.security.authentication.AuthenticationException: 02020005 LDAP authentication failed.
        at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFact             oryImpl.java:116)
        at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getInitialDirContext(LDAPInitialDirContextFactor             yImpl.java:199)
        at org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl.authenticateImpl(LDAPAuthenticationComponentImpl.             java:128)
        at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.authenticate(AbstractAuthenticationComponent.java:164)
        at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:127)
        at org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService.authenticate(AbstractChainingAuthenticationServi             ce.java:165)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:304)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
        at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.jav             a:49)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at $Proxy27.authenticate(Unknown Source)
        at org.alfresco.web.bean.LoginBean.login(LoginBean.java:295)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:132)
        at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:61)
        at javax.faces.component.UICommand.broadcast(UICommand.java:109)
        at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97)
        at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171)
        at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
        at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95)
        at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70)
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.alfresco.web.app.servlet.AuthenticationFilter.doFilter(AuthenticationFilter.java:124)
        at sun.reflect.GeneratedMethodAccessor397.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
       at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:122)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at $Proxy187.doFilter(Unknown Source)
        at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.alfresco.repo.web.filter.beans.NullFilter.doFilter(NullFilter.java:74)
        at sun.reflect.GeneratedMethodAccessor397.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:122)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at $Proxy187.doFilter(Unknown Source)
        at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:619)
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext er             ror, data 525, vece]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
        at javax.naming.InitialContext.init(InitialContext.java:223)
        at javax.naming.InitialContext.<init>(InitialContext.java:197)
        at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
        at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:111)
        … 70 more

‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I get the same error with other users, so few users are being authenticated and few not. svc123 exists and other users are also exist which are being authenticated by ldap. Any help?

Soh

dward · ‎03-02-2010

According to this page the "data 525" part of your error message means "User Not Found" in AD.

http://www-01.ibm.com/support/docview.wss?rs=688&uid=swg21290631

I see you are using a fixed user DN format

ldap.authentication.userNameFormat=CN=%s,ou=Alfresco_West,dc=dare,dc=local

Could it be that some user IDs cannot be resolved this way? E.g. some users are not in the Alfresco_West ou or something else?

If you are using a recent version of 3.2, you can set the format mask to be empty in tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/ldap-authentication.properties, in which case it will use userQuery to resolve the DN. This is more flexible and can cope with users spread around different ous.

ldap.authentication.userNameFormat=

But I note that you are using Active Directory. I am therefore wondering why you are using CN as the user ID attribute and not SAMAccountName. In fact, why aren't you using the ldap-ad subsystem?

Please see the notes here about setting userNameFormat to a UPN. This is the best (and default) solution for AD.

http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems#Configuration_2

kyriakos · ‎03-03-2010

dward when i write ldap.authentication.userNameFormat=%s@mydomain
i can see only the user from my pc.
when i leave it blank like this ldap.authentication.userNameFormat=
i see noone….

dward · ‎03-03-2010

What do you mean "I can see"? Do you mean "I can authenticate as"?

If it doesn't work when userNameFormat is blank then your personQuery is probably configured wrongly. Is LDAP sync working? I.e. have users and groups been created in Alfresco for all your LDAP users and groups?

kyriakos · ‎03-03-2010

well i play with it for a while and i understood that when i login for the first time with a valid username and password which exists on Active Directory then it creates ( like unlocking ) the user and can see him from user query. but in the query i can see only those users that has been "added" due to this action.

for sync i don't know if it is running correclty
i get those errors and warn hope they can help you

12:56:39,394 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/repository.properties]
12:56:39,394 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/domain/transaction.properties]
12:56:39,409 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from URL [file:/C:/Alfresco/tomcat/shared/classes/alfresco-global.properties]
12:56:39,612 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:56:55,675 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from file [C:\Alfresco\tomcat\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ad\ldap-ad1\ldap-ad-authentication.properties]
12:57:25,566 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
12:57:28,753 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] No changes were made to the schema.
12:57:30,597 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'sysAdmin' subsystem, ID: [sysAdmin, default]
12:57:30,612 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:57:30,628 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'sysAdmin' subsystem, ID: [sysAdmin, default] complete
12:57:35,237 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'thirdparty' subsystem, ID: [thirdparty, default]
12:57:35,269 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:57:37,925 ERROR [org.alfresco.util.exec.RuntimeExecBootstrapBean] Bootstrap command failed: 
Execution result: 
   os:         Windows XP
   command:    [soffice, -accept=socket,host=localhost,port=8100;urp;StarOffice.ServiceManager, -env:UserInstallation=file:///C:/Alfresco/alf_data/oouser, -nologo, -headless, -nofirststartwizard, -nocrashrep, -norestore]
   succeeded:  false
   exit code:  2
   out:        
   err:        Cannot run program "soffice": CreateProcess error=2, The system cannot find the file specified
12:57:39,034 WARN  [org.alfresco.util.OpenOfficeConnectionTester] An initial OpenOffice connection could not be established.
12:57:39,816 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'thirdparty' subsystem, ID: [thirdparty, default] complete
12:57:39,972 WARN  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco 'dir.root' property is set to a relative path './alf_data'.  'dir.root' should be overridden to point to a specific folder.
12:57:39,972 INFO  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: .\alf_data
12:57:40,050 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] Checking for patches to apply …
12:57:40,753 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] No patches were required.
12:57:40,769 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Found 1 module(s).
12:57:40,925 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Starting module 'org.alfresco.module.vti' version 1.2.
12:57:41,112 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'fileServers' subsystem, ID: [fileServers, default]
12:57:41,128 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:57:41,503 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [Authentication, managed, ldap-ad1]
12:57:41,550 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:57:41,675 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap-ad1] complete
12:57:41,706 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [fileServers, default] complete
12:57:41,706 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'imap' subsystem, ID: [imap, default]
12:57:41,737 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:57:41,878 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'imap' subsystem, ID: [imap, default] complete
12:57:41,878 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] Enabled - calculate missing user usages …
12:57:41,925 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] Found 0 users to recalculate
12:57:41,925 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] … calculated missing usages for 0 users
12:57:41,925 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [Synchronization, default]
12:57:41,956 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:57:42,034 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap-ad1'
12:57:42,050 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap-ad1'
12:57:42,112 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 Group Analysis: Commencing batch of 0 entries
12:57:42,128 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 Group Analysis: Completed batch of 0 entries
12:57:42,128 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all users from user registry 'ldap-ad1'
12:57:42,144 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 User Creation and Association: Commencing batch of 0 entries
12:57:42,144 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 User Creation and Association: Completed batch of 0 entries
12:57:42,144 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap-ad1'
12:57:42,144 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] 0 user(s) and 0 group(s) processed
12:57:42,159 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete
12:57:42,519 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_16-b01; maximum heap size 493,063MB
12:57:42,519 WARN  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - WARNING - maximum heap size 493,063MB is less than recommended 512MB
12:57:42,519 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Community): Current version 3.2.0 (r2 2440) schema 3300 - Originally installed version 3.2.0 (r2 2440) schema 3300
12:57:43,394 INFO  [org.alfresco.module.vti.VtiServer] Vti server started successfully on port: 7070
12:58:22,253 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'wcm_deployment_receiver' subsystem, ID: [wcm_deployment_receiver, default]
12:58:22,300 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:58:22,534 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'wcm_deployment_receiver' subsystem, ID: [wcm_deployment_receiver, default] complete
12:58:25,362 INFO  [org.alfresco.config.JBossEnabledWebApplicationContext] Refreshing org.alfresco.config.JBossEnabledWebApplicationContext@f181e9: display name [Root WebApplicationContext]; startup date [Wed Mar 03 12:58:25 EET 2010]; root of context hierarchy
12:58:25,878 INFO  [org.alfresco.config.JBossEnabledWebApplicationContext] Bean factory for application context [org.alfresco.config.JBossEnabledWebApplicationContext@f181e9]: org.springframework.beans.factory.support.DefaultListableBeanFactory@1e9a8e3
12:58:27,862 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 22 Web Scripts (+0 failed), 24 URLs
12:58:27,878 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised Presentation Web Script Container (in 347.1506ms)
12:58:28,065 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 40 Web Scripts (+0 failed), 42 URLs
12:58:28,097 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised WebFramework Web Script Container (in 200.02438ms)
12:58:28,190 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework
12:58:32,518 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

kyriakos · ‎03-03-2010

no users and groups have been created

dward · ‎03-03-2010

Your personQuery and groupQuery must be incorrect.

I think I know why, because it transpires you are using Active Directory.

If you are using Active Directory, use the ldap-ad subsystem! Why don't you read any of the documentation before trying to use the product?

So

1. change alfresco-global.properties
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

2.

mkdir -p $TOMCAT_HOME/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1
cp $TOMCAT_HOME/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad/*.properties $TOMCAT_HOME/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1

3. Then edit $TOMCAT_HOME/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1/ldap-ad-authentication.properties so that it matches your environment. There should be no need to change personQuery or groupQuery. Just userSearchBase, groupSearchBase, userNameFormat and username and password.

Hyland Connect

few users are unable to authenticate by ldap?why?