Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

intergrate users of domain Controller in Alfresco

thk
Champ on-the-rise
Champ on-the-rise

‎01-19-2016 12:46 PM

Hi,


We want that every user in the company get an account for alfresco. But we don`t want create this accounts twice, in the Domain Controller and in Alfresco.
Best would be Single-sign on.
Whats the easiest way to get this?

Thanks in advance.
Labels:
0 Kudos
5 REPLIES 5

mrogers
Star Contributor
Star Contributor

‎01-20-2016 10:00 AM

Either use passthru authentication if you are only using your domain controller for authentication, .   Or, if you have other attributes in your AD then use LDAP sync.
0 Kudos

thk
Champ on-the-rise
Champ on-the-rise
In response to mrogers

‎02-03-2016 08:27 AM

Hi, I still have questions to configure passthru authentication.
For passthru (I don`t know yet if I also need LDAP) I added in the alfresco-global.properties:

authentication.chain=passthru1:passthru
alfresco.authentication.authenticateCIFS=false
ldap.authentication.active=false
passthru.authentication.servers=<IP of our domain server>\\name.com,name.com
passthru.authentication.domain=# Leave blank
passthru.authentication.useLocalServer=false


I works now that I can login into Alfresco using any user of our Domain Controller. But the user is only added as an Alfresco user after this user logs in for the first time in Alfresco. And now I want to grant rights to a site for every user. How can I do this best? Do I have to wait until each user logged in for the first time and grant them this right one by one? also i cannot use the admin user I created before, because he is not in the Domain controller.

Is it correct to put this variables in alfresco-global.properties?
Is the line passthru.authentication.servers correct like this (name.com = name of our domain)?
In the documentation (http://docs.alfresco.com/community5.0/tasks/auth-example-passthu.html) is written the following:
<blockquote>After running the previous commands, two separate properties files should appear in your passthru1 directory. These are:

    passthru-authentication-context.properties
    ntlm-filter.properties</blockquote>

But there is no passthru-authentication-context.properties, only ntlm-filter.properties
in the directory /tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/ !
and which previous commands as mentioned in the documentation I should run?

Thanks for help in advance.
0 Kudos

douglascrp
World-Class Innovator
World-Class Innovator

‎02-29-2016 08:27 PM

It is correct to put those properties into the alfresco-global.properties

In order to have the users created in Alfresco, you have to enable the LDAP synchronization, and to allow the login using both domain users and local users (like admin), you have to change the authentication.chain to use alfresco, like this:
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
0 Kudos

thk
Champ on-the-rise
Champ on-the-rise
In response to douglascrp

‎03-03-2016 02:20 PM

ah thanks,

I already wondered why I can login with any domain user now but the users are not visible in the menu "persons". So they the users only created in Alfresco if I use
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap instead of
authentication.chain=alfinst:alfrescoNtlm,passthru1Smiley Tongueassthru ?

Further we want to upload all our documents but with all permission of the domain users on this documents. How can we do this?

Thanks for help!
0 Kudos

douglascrp
World-Class Innovator
World-Class Innovator

‎03-29-2016 02:45 PM

Add the property bellow into alfresco-global.properties in order to have you LDAP users synchronized into Alfresco

ldap.synchronization.active=true

By default, the synchronization is executed once a day or when Alfresco is restarted.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC