LDAP Active Directory auth works, sync does not

sb1017_5337
Champ in-the-making
Hi,
After hours of searching the forums I finally managed to get authentication of all users via LDAP working. Unfortunately, the users are only created when I log in. The groups from my Win2003 Active Directory are not there at all. I deleted my test user in Windows; unfortunately it still exists in Alfresco and cannot be deleted there either.
I want certain groups, and all users in them, to be synchronized. What settings do I need to make in the following parameters?
#ldap.synchronization.userSearchBase=ou=,dc=iconserver.iConsultantsUG,dc=local
#ldap.synchronization.groupSearchBase=ou=<OUcontainingUsers>,dc=iconserver.iConsultantsUG,dc=local

Which setting is still wrong?
File: tomcat\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ap\lpad1
ldap.authentication.userNameFormat=%s@ICONSULTANTSUG
ldap.authentication.java.naming.provider.url=ldap://iconserver.iConsultantsUG.local:389
ldap.authentication.defaultAdministratorUserNames=administrator
ldap.synchronization.java.naming.security.principal=administrator@ICONSULTANTSUG
ldap.synchronization.java.naming.security.credentials=**********
ldap.authentication.java.naming.security.authentication=SIMPLE
ldap.authentication.allowGuestLogin=true
synchronization.synchronizeChangesOnly=false
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.autoCreatePeopleOnLogin=true

The server outputs the following:
22:57:36,953  INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, ldap1]
22:57:37,046  INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
22:57:37,562  INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, ldap1] complete
22:57:40,125  ERROR [web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 09150005 Login failed
org.alfresco.web.scripts.WebScriptException: 09150005 Login failed
        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:81)
        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:79)
        at org.alfresco.web.scripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:223)
        at org.alfresco.web.scripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:70)
        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:357)
        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:326)
        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:407)
        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:424)
        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:253)
        at org.alfresco.web.scripts.AbstractRuntime.executeScript(AbstractRuntime.java:262)
        at org.alfresco.web.scripts.AbstractRuntime.executeScript(AbstractRuntime.java:139)
        at org.alfresco.web.scripts.servlet.WebScriptServlet.service(WebScriptServlet.java:122)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:619)

Since I'm still new to servers, I'm also unsure about the following setting:
ldap.authentication.java.naming.provider.url=ldap://iconserver.iConsultantsUG.local:389
What exactly does the URL have to be? I copied this value from somewhere in Windows on the off chance. (Under Active Directory Users and Computers –> Domain Controllers, "ICONSERVER" is listed. There, under Properties –> DNS name: iconserver.iConsultantsUG.local)
Who can help me get started here and explain these terms to me…?

Many thanks for your help
Sebastian
3 REPLIES

bwerner
Champ in-the-making
Hello Sebastian,

The following entries are still commented out:
#ldap.synchronization.userSearchBase=ou=,dc=iconserver.iConsultantsUG,dc=local
#ldap.synchronization.groupSearchBase=ou=<OUcontainingUsers>,dc=iconserver.iConsultantsUG,dc=local

If that is still how it appears in your config, the sync will not be started. Try removing the comment characters "#" and restart the server.
It's best to delete alfresco.log beforehand and post a "fresh" log file here after you have restarted the server.

Best regards,
Bernhard

sb1017_5337
Champ in-the-making
Hi Bernhard,

unfortunately the login still fails. Nothing is synchronized either. 😞 Here is the server output:
23.10.2009 15:41:40 org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
23.10.2009 15:41:40 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 565 ms
23.10.2009 15:41:40 org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
23.10.2009 15:41:40 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.18
23.10.2009 15:41:43 org.apache.catalina.core.StandardContext addApplicationListener
INFO: The listener "org.apache.myfaces.webapp.StartupServletContextListener" is already configured for this context. The duplicate definition has been ignored.
15:41:52,875  INFO  [alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/repository.properties]
15:41:53,156  INFO  [alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/domain/transaction.properties]
15:41:53,156  INFO  [alfresco.config.JndiPropertiesFactoryBean] Loading properties file from URL [file:/F:/Programme/Alfresco/tomcat/shared/classes/alfresco-global.properties]
15:41:53,359  INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:27,312  INFO  [domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
15:42:31,140  INFO  [domain.schema.SchemaBootstrap] No changes were made to the schema.
15:42:37,015 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'thirdparty' subsystem, ID: [default]
15:42:37,046 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:39,000 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'thirdparty' subsystem, ID: [default] complete
15:42:39,234 User:System INFO  [repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: F:\Programme\Alfresco\alf_data
15:42:39,296 User:System INFO  [admin.patch.PatchExecuter] Sucht nach anwendbaren Patches…
15:42:40,078 User:System INFO  [admin.patch.PatchExecuter] Es sind keine Patches erforderlich
15:42:40,078 User:System INFO  [repo.module.ModuleServiceImpl] 1 Modul(e) gefunden.
15:42:40,156 User:System INFO  [repo.module.ModuleServiceImpl] Starte Modul 'org.alfresco.module.vti' Version 1.2.
15:42:40,265 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'fileServers' subsystem, ID: [default]
15:42:40,281 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:40,750 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, alfrescoNtlm1]
15:42:40,812 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:41,421 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, alfrescoNtlm1] complete
15:42:41,421 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, passthru1]
15:42:41,453 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:41,546 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, passthru1] complete
15:42:41,625 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [default] complete
15:42:41,625 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'imap' subsystem, ID: [default]
15:42:41,656 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:41,843 User:System INFO  [repo.imap.AlfrescoImapServer] IMAP service started on host:port localhost:143.
15:42:41,843 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'imap' subsystem, ID: [default] complete
15:42:41,843 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [default]
15:42:41,859 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:42:41,859 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [default] complete
15:42:41,890 User:System INFO  [service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_07-b06; maximum heap size 493,063MB
15:42:41,890 User:System WARN  [service.descriptor.DescriptorService] Alfresco JVM - WARNING - maximum heap size 493,063MB is less than recommended 512MB
15:42:41,890 User:System INFO  [service.descriptor.DescriptorService] Alfresco started (Community): Current version 3.2.0 (2039) schema 2019 - Installed version 3.2.0 (2039) schema 2019
15:42:42,703 User:System INFO  [module.vti.VtiServer] Vti server started successfully on port: 7070
15:43:01,250 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'wcm_deployment_receiver' subsystem, ID: [default]
15:43:01,312 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:43:01,468 User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'wcm_deployment_receiver' subsystem, ID: [default] complete
23.10.2009 15:43:02 org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive mobile.war
15:43:03,859  INFO  [alfresco.config.JBossEnabledWebApplicationContext] Refreshing org.alfresco.config.JBossEnabledWebApplicationContext@26eac5: display name [Root WebApplicationContext]; startup date [Fri Oct 23 15:43:03 CEST 2009]; root of context hierarchy
15:43:04,437  INFO  [alfresco.config.JBossEnabledWebApplicationContext] Bean factory for application context [org.alfresco.config.JBossEnabledWebApplicationContext@26eac5]: org.springframework.beans.factory.support.DefaultListableBeanFactory@a23bca
15:43:06,046  INFO  [web.scripts.DeclarativeRegistry] Registered 24 Web Scripts (+0 failed), 26 URLs
15:43:06,078  INFO  [web.scripts.AbstractRuntimeContainer] Initialised Presentation Web Script Container (in 247.62233ms)
15:43:06,359  INFO  [web.scripts.DeclarativeRegistry] Registered 42 Web Scripts (+0 failed), 44 URLs
15:43:06,375  INFO  [web.scripts.AbstractRuntimeContainer] Initialised WebFramework Web Script Container (in 287.86188ms)
15:43:06,421  INFO  [web.site.FrameworkHelper] Successfully Initialized Web Framework
23.10.2009 15:43:06 org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive share.war
15:43:10,484  INFO  [web.site.FrameworkHelper] Successfully Initialized Web Framework
23.10.2009 15:43:10 org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive studio.war
15:46:15,234  INFO  [web.site.FrameworkHelper] Successfully Initialized Web Framework
23.10.2009 15:46:15 org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
23.10.2009 15:46:15 org.apache.catalina.startup.Catalina start
INFO: Server startup in 274807 ms
15:46:15,656  INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, ldap1]
15:46:15,718  INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
15:46:16,531  INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, ldap1] complete
15:46:19,203  ERROR [web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 09230005 Login failed
org.alfresco.web.scripts.WebScriptException: 09230005 Login failed
        at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:81)
        at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:79)
        at org.alfresco.web.scripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:223)
        at org.alfresco.web.scripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:70)
        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:357)
        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:326)
        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:407)
        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:424)
        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:253)
        at org.alfresco.web.scripts.AbstractRuntime.executeScript(AbstractRuntime.java:262)
        at org.alfresco.web.scripts.AbstractRuntime.executeScript(AbstractRuntime.java:139)
        at org.alfresco.web.scripts.servlet.WebScriptServlet.service(WebScriptServlet.java:122)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:619)

What else could be wrong? How do I have to choose the values in
#ldap.synchronization.userSearchBase=ou=,dc=iconserver.iConsultantsUG,dc=local
#ldap.synchronization.groupSearchBase=ou=<OUcontainingUsers>,dc=iconserver.iConsultantsUG,dc=local
? What do userSearchBase=ou=, dc=.., ou=<OUcontainingUsers> actually mean??? Is that correct as it is?

Thanks & regards
Sebastian

bwerner
Champ in-the-making
Hello,

1: Your configuration lines are still commented out.
It should look like this to begin with:
ldap.synchronization.userSearchBase=ou=,dc=iconserver.iConsultantsUG,dc=local
ldap.synchronization.groupSearchBase=ou=<OUcontainingUsers>,dc=iconserver.iConsultantsUG,dc=local

2: For ou you have to enter the organizational unit in which your users are stored in AD. The easiest way to get it is from the AD admin.

Best regards,
Bernhard
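
A check for the two points raised in the replies (search bases still commented out, `ou=` left empty or as a template placeholder), as an added example that is not part of the original posts or of Alfresco; the helper names and the sample text are constructed here. It also flags a `dc=` value containing a dot, assuming one DNS label per `dc=` component, and a SIMPLE bind over plain `ldap://`, which sends the bind password unencrypted.

```python
import re

# Constructed sample, modelled on the properties quoted in the thread.
SAMPLE = """\
ldap.authentication.java.naming.provider.url=ldap://iconserver.iConsultantsUG.local:389
ldap.authentication.java.naming.security.authentication=SIMPLE
#ldap.synchronization.userSearchBase=ou=,dc=iconserver.iConsultantsUG,dc=local
#ldap.synchronization.groupSearchBase=ou=<OUcontainingUsers>,dc=iconserver.iConsultantsUG,dc=local
"""

PREFIX = "ldap.authentication.java.naming."
SEARCH_BASES = ("ldap.synchronization.userSearchBase",
                "ldap.synchronization.groupSearchBase")

def parse_properties(text):
    """Split .properties text into (active, commented) key -> value dicts."""
    active, commented = {}, {}
    for raw in text.splitlines():
        line, target = raw.strip(), active
        if line.startswith(("#", "!")):        # both start a comment line
            line, target = line[1:].strip(), commented
        if "=" in line:
            key, value = line.split("=", 1)
            target[key.strip()] = value.strip()
    return active, commented

def lint_ldap_properties(text):
    """Return (key, problem) findings for the settings discussed above."""
    active, commented = parse_properties(text)
    findings = []
    for key in SEARCH_BASES:
        if key not in active:
            state = "commented out" if key in commented else "missing"
            findings.append((key, state + ": sync has no search base"))
            continue
        for rdn in re.split(r"(?<!\\),", active[key]):   # unescaped commas
            attr, _, val = rdn.partition("=")
            attr, val = attr.strip().lower(), val.strip()
            if not val:
                findings.append((key, "empty value in '%s='" % attr))
            elif val.startswith("<") and val.endswith(">"):
                findings.append((key, "placeholder %s not replaced" % val))
            elif attr == "dc" and "." in val:
                # Assumption: one DNS label per dc= component (RFC 2247).
                findings.append((key, "dc=%s holds several DNS labels" % val))
    url = active.get(PREFIX + "provider.url", "").lower()
    mech = active.get(PREFIX + "security.authentication", "").lower()
    if url.startswith("ldap://") and mech == "simple":
        findings.append((PREFIX + "provider.url",
                         "simple bind over ldap:// sends the password unencrypted"))
    return findings

if __name__ == "__main__":
    print(*lint_ldap_properties(SAMPLE), sep="\n")
```

Removing only the `#` characters from the sample turns the two "commented out" findings into findings about the empty `ou=`, the unreplaced `<OUcontainingUsers>` placeholder and the dotted `dc=` values.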