ldap-ad sync problem

06-17-2011 09:51 AM
I've been trying for a week now to configure Alfresco authentication and sync to AD. So far I can only authenticate users. I can't figure out why sync does not work… it always tells me "Synchronization aborted due to error
05170000 Unable to connect to LDAP Server; check LDAP configuration"
ldap-ad-authentication.properties:
######### Authentication section
ldap.authentication.active=true
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s@domain.pt
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://192.168.1.1:389
ldap.authentication.defaultAdministratorUserNames=admin
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
######### Synchronization section
ldap.synchronization.active=true
#ldap.synchronization.java.naming.security.principal=cn=guru,cn=users,dc=domain,dc=pt
#ldap.synchronization.java.naming.security.principal=CN\=Guru,CN\=Users,DC\=domain,DC\=pt
ldap.synchronization.java.naming.security.principal=guru@domain.pt
ldap.synchronization.java.naming.security.credentials=ldmnf84nf
ldap.synchronization.groupQuery=(objectclass=group)
#ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personQuery=(&(objectclass=user)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=group)(!(modifyTimestamp<={0})))
#ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))
ldap.synchronization.personDifferentialQuery=(&(objectclass=user)(!(modifyTimestamp<={0})))
ldap.synchronization.groupSearchBase=dc=domain,dc=pt
ldap.synchronization.userSearchBase=dc=domain,dc=pt
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=false
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000
ldap.synchronization.enableProgressEstimation=true
ldap.authentication.escapeCommasInBind=false
Here is the log text:
14:43:31,801 User:System INFO [security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap-ad1'
14:36:24,758 User:System ERROR [security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to error
org.alfresco.repo.security.authentication.AuthenticationException: 05170000 Unable to connect to LDAP Server; check LDAP configuration
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:118)
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:89)
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:82)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:670)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:667)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:618)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:434)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$6.doWork(ChainingUserRegistrySynchronizer.java:1529)
    at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1523)
    at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
    at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
    at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
    at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
    at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:78)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
    at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
    at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
    at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4205)
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:4704)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:779)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:675)
    at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:601)
    at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:502)
    at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1315)
    at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:324)
    at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1061)
    at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
    at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
    at org.apache.catalina.core.StandardService.start(StandardService.java:525)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:616)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: javax.naming.AuthenticationNotSupportedException: ${ldap.synchronization.java.naming.security.authentication}
    at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:118)
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:232)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2685)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:306)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)
    at javax.naming.InitialContext.init(InitialContext.java:240)
    at javax.naming.InitialContext.<init>(InitialContext.java:214)
    at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:99)
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:109)
    … 50 more
14:36:24,798 User:System WARN [security.sync.ChainingUserRegistrySynchronizer] Failed initial synchronize with user registries
org.alfresco.repo.security.authentication.AuthenticationException: 05170000 Unable to connect to LDAP Server; check LDAP configuration
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:118)
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:89)
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:82)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:670)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:667)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:618)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:434)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$6.doWork(ChainingUserRegistrySynchronizer.java:1529)
    at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1523)
    at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
    at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
    at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
    at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
    at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
    at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
    at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:78)
    at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
    at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
    at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
    at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
    at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
    at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
    at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4205)
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:4704)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:799)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:779)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:601)
    at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:675)
    at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:601)
    at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:502)
    at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1315)
    at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:324)
    at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:142)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1061)
    at org.apache.catalina.core.StandardHost.start(StandardHost.java:840)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
    at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:463)
    at org.apache.catalina.core.StandardService.start(StandardService.java:525)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:754)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:595)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:616)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: javax.naming.AuthenticationNotSupportedException: ${ldap.synchronization.java.naming.security.authentication}
    at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:118)
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:232)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2685)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:306)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:211)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)
    at javax.naming.InitialContext.init(InitialContext.java:240)
    at javax.naming.InitialContext.<init>(InitialContext.java:214)
    at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:99)
    at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:109)
    … 50 more
14:36:24,801 INFO [management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete
Any help appreciated.
07-20-2012 11:19 AM
hi,
I'm having the same problem and I also can't sync the users. When I try to log in to Alfresco, it shows that the user is Unable to login - unknown username/password.
I've changed the properties according to the documentation, but it just doesn't work.
Does anyone know what could be wrong??
Thanks in advance.
valter

12-23-2015 01:49 PM
Hopefully someone will see this and offer some help, since it tells me I cannot start my own thread.
Basically, using the 5.0 build, I can't seem to get LDAP Sync or Passthru to work.
It seems to be authenticating users from AD, but no info syncs, and the error in the log is not very helpful.
I've done a lot of searches thru the forums, and the biggest issue I'm finding is that there seems to be no one single 'How-To' for AD. I find suggestions that offer suggestions in direct conflict with others' directions, or are done in what seems to be a completely different manner, and the bulk of the results of my searches are for older versions, and not 5.x
Here's my global config, covering the entire Auth configuration. I've substituted the domain HELPME for my actual domain. I realize this looks very bloated, but this is putting together everyone's suggestion for why it's not working, as found in others' posts asking for help:
#Authentication settings
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap,passthru1:passthru
ntlm.authentication.sso.enabled=false
### CIFS/SMB Server Configuration ###
cifs.enabled=true
cifs.domain=ld.local
cifs.serverName=${localname}A
cifs.hostannounce=true
#CIFS with LDAP We have to use passthru for CIFS due to limitations in how cifs has to authenticate
ntlm.authentication.authenticateCIFS=false
#Must be disabled to allow chained password-based login
ntlm.authentication.sso.enabled=false
alfresco.authentication.authenticateCIFS=false
#alfresco.authentication.allowGuestLogin=false
passthru.authentication.authenticateCIFS=true
passthru.authentication.useLocalServer=false
passthru.authentication.domain=HELPME.org
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=admin,administrator
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
passthru.authentication.servers=HELPME.org\\SVR-001-DC01,HELPME.org\\SVR-002-DC01,SVR-003-DC01
passthru.authentication.offlineCheckInterval=300
#LDAP authentication
ldap.authentication.userNameFormat=cn=%s,ou=facilities,ou=users,dc=HELPME,dc=org
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.security.authentication=SIMPLE
ldap.authentication.java.naming.security.principal=cn=alfresco,dc=HELPME,dc=org
ldap.authentication.java.naming.security.credentials=APassword
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@HELPME.org
ldap.authentication.java.naming.provider.url=ldap://SVR-001-DC01.HELPME.org:389
ldap.authentication.defaultAdministratorUserNames=admin,administrator
ldap.authentication.active=false
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=alfresco@HELPME.Org
ldap.synchronization.java.naming.security.credentials=APassword
ldap.synchronization.groupSearchBase=OU=Security_Groups,OU=HELPME,DC=Org
ldap.synchronization.userSearchBase=OU=Facilities,OU=Users,DC=HELPME,DC=Org
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=false
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.autoCreatePeopleOnLogin=false
I have verified that the AD/LDAP account 'alfresco' can read/view any user in AD using the tool Softerra LDAP Browser 4.5, and the account can fully roam the AD. It is a member of 'Domain Users' only.
When the app is started, I'm presented with the login prompt, so Passthru isn't working.
I can enter my AD ID/PW and it does log me in, but all profile info is blank, and of course it shows my login ID and not my common name.
This is the error / reason in the log when AD Sync tries to kick in:
2015-12-24 00:23:52,504 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 11240001 Error during LDAP Search. Reason:org:389
Caused by: javax.naming.CommunicationException: org:389 [Root exception is java.net.UnknownHostException: org]
Caused by: java.net.UnknownHostException: org
2015-12-24 00:23:52,692 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 11240001 Error during LDAP Search. Reason:org:389
Caused by: javax.naming.CommunicationException: org:389 [Root exception is java.net.UnknownHostException: org]
Caused by: java.net.UnknownHostException: org
2015-12-24 00:23:52,692 WARN [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Failed initial synchronize with user registries
org.alfresco.error.AlfrescoRuntimeException: 11240001 Error during LDAP Search. Reason:org:389
Caused by: javax.naming.CommunicationException: org:389 [Root exception is java.net.UnknownHostException: org]
Caused by: java.net.UnknownHostException: org
2015-12-24 00:23:52,692 INFO [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete

12-24-2015 02:31 AM
Seems like your first error is:
2015-12-24 00:23:52,504 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 11240001 Error during LDAP Search. Reason:org:389
Caused by: javax.naming.CommunicationException: org:389 [Root exception is java.net.UnknownHostException: org]
In case it's a hostname/DNS lookup issue, have you tried using an IP address rather than the FQDN here?
ldap.authentication.java.naming.provider.url=ldap://SVR-001-DC01.HELPME.org:389

12-24-2015 02:43 AM
jjscampos, your filter looks like it's missing a closing ")", as well as the "\" to escape the "="
ldap.synchronization.personQuery=(&(objectclass=user)
And assuming you intentionally want to leave out the clause which excludes AD users who are not active, then you can/should remove the remaining "&". So it should just look like this:
ldap.synchronization.personQuery=(objectclass\=user)

12-24-2015 02:46 AM
dgcupit, your error seems to be "UnknownHostException":
2015-12-24 00:23:52,504 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 11240001 Error during LDAP Search. Reason:org:389
Caused by: javax.naming.CommunicationException: org:389 [Root exception is java.net.UnknownHostException: org]
Caused by: java.net.UnknownHostException: org
Have you tried using an IP address here, in case it's a hostname/DNS lookup issue? e.g. if the IP for your LDAP server is 10.10.10.1:
ldap.authentication.java.naming.provider.url=ldap://10.10.10.1:389
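
The checks made by eye in the replies above (an unclosed LDAP filter, a name that does not resolve) can be run over the properties file and the startup log before restarting Alfresco. This is an added example, not part of the thread or of Alfresco; the function names, the simplified .properties parsing, and the rule that each search base should sit in the DNS domain of the sync principal's UPN suffix are assumptions of this example.

```python
import re

# Constructed samples: lines copied from the two configurations and the first log
# posted in this thread, trimmed to the keys the checks look at.
FIRST_POST = """\
ldap.synchronization.java.naming.security.principal=guru@domain.pt
ldap.synchronization.groupQuery=(objectclass=group)
ldap.synchronization.personQuery=(&(objectclass=user)
ldap.synchronization.personDifferentialQuery=(&(objectclass=user)(!(modifyTimestamp<={0})))
ldap.synchronization.userSearchBase=dc=domain,dc=pt
"""
FIRST_LOG = ("Caused by: javax.naming.AuthenticationNotSupportedException: "
             "${ldap.synchronization.java.naming.security.authentication}")
SECOND_POST = """\
ldap.authentication.userNameFormat=cn=%s,ou=facilities,ou=users,dc=HELPME,dc=org
ldap.authentication.userNameFormat=%s@HELPME.org
ldap.synchronization.java.naming.security.principal=alfresco@HELPME.Org
ldap.synchronization.groupSearchBase=OU=Security_Groups,OU=HELPME,DC=Org
ldap.synchronization.userSearchBase=OU=Facilities,OU=Users,DC=HELPME,DC=Org
"""


def parse_properties(text):
    """Return (key, value) pairs in file order.

    Simplified .properties parsing (assumption): '#' starts a comment line, the
    first '=' splits key from value, and a backslash escape '\\x' becomes 'x'.
    """
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        pairs.append((key.strip(), re.sub(r"\\(.)", r"\1", value.strip())))
    return pairs


def filter_is_balanced(ldap_filter):
    """True if the filter is a single item whose parentheses all match."""
    depth = 0
    for i, ch in enumerate(ldap_filter):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0 or (depth == 0 and i != len(ldap_filter) - 1):
                return False  # stray ')' or text after the filter closed
    return depth == 0 and ldap_filter.startswith("(")


def dc_domain(dn):
    """DNS-style name built from the DC= components of a DN (naive comma split)."""
    rdns = [rdn.strip() for rdn in dn.split(",")]
    return ".".join(r.split("=", 1)[1].lower() for r in rdns if r.lower().startswith("dc="))


def lint(properties_text, log_text=""):
    """Return a list of (kind, key, detail) findings for one configuration."""
    findings, seen = [], {}
    for key, value in parse_properties(properties_text):
        # Java's Properties loader keeps the last value, so an earlier one is lost.
        if key in seen and seen[key] != value:
            findings.append(("conflicting-duplicate", key,
                             f"{seen[key]!r} is replaced by {value!r}"))
        seen[key] = value
    for key, value in seen.items():
        if key.endswith("Query") and not filter_is_balanced(value):
            findings.append(("unbalanced-filter", key, value))
    principal = seen.get("ldap.synchronization.java.naming.security.principal", "")
    upn_domain = principal.rpartition("@")[2].lower() if "@" in principal else ""
    for key, value in seen.items():
        # Assumption: a search base whose DC components name another domain than
        # the bind principal's UPN suffix points outside the intended directory.
        if key.endswith("SearchBase") and upn_domain and dc_domain(value) != upn_domain:
            findings.append(("search-base-domain", key, dc_domain(value)))
    # A literal ${name} in the log means the placeholder was never given a value.
    for name in sorted(set(re.findall(r"\$\{([^}]+)\}", log_text))):
        if name not in seen:
            findings.append(("undefined-property", name,
                             "placeholder left unexpanded in the log"))
    return findings


if __name__ == "__main__":
    for label, props, log in (("first post", FIRST_POST, FIRST_LOG),
                              ("second post", SECOND_POST, "")):
        for kind, key, detail in lint(props, log):
            print(f"{label}: {kind}: {key}: {detail}")
```

On the second configuration the check reports that `groupSearchBase` maps to the domain name `org`, which is the same name that appears in the posted `UnknownHostException`.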
