Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP authentication 3.4.d with AD

docjay
Champ in-the-making
Champ in-the-making

‎03-17-2011 04:56 PM

Running:
Alfresco 3.4.d
Windows Server 2003

Hello all,

   I am new to Alfresco and LDAP AD and I am trying to get Alfresco 3.4.d Community edition to authenticate to my AD server.  I have read the wiki http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems and I cannot get Alfresco to authenticate to my AD.  Is there a log that I can look at for some clues?  How does one know if thier site uses UPN or DN authentication?  I have tried both of these with no luck..I am sure that it is just something that I am misconfiguring on my end, but I would like to at least to look at some logs to get a clue. 

For starters, I have gone into the subsystem 
D:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad
and edited the copy of 'ldap-ad-authentication.properties' to match setting for my site and yes authentication is enabled here 
ldap.authentication.active=true
   Is there any other place to enable ldap authentication?  After I make a change to the ldap-ad-autehntication.properties file I always restart tomcat.  Is that right thing to do or do not have to do this? 

Also, if someone could lead me to any type of logging so that I am able to see what errors I am getting or if it even thinks that authentication is turned on I would really appreciate it!

I did find one log in tomcat\logs named:  stdout_20110316.log and this could be the log that I need…in it I found:  
20:12:22,374  INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]
  does this mean that it is not even trying to use ldap-ad authentication?

thanks again

Jamie
Labels:
0 Kudos
4 REPLIES 4

mrogers
Star Contributor
Star Contributor

‎03-17-2011 06:47 PM

Don't ever hack files below WEB-INF.  

Your config goes into alfresco-global.properties or the shared folder.
0 Kudos

docjay
Champ in-the-making
Champ in-the-making

‎03-18-2011 11:25 AM

thanks - I should have read the wiki more closely and noticed only to modify the alfresco-global.properties file…

so I think I might have ldap-ap setup right, but I still can't authenticate:

#————-
authentication.chain=ldap1:ldap-ad
ldap.authentication.active=true
ldap.authentication.java.naming.security.authentication=DIGEST-MD5
ldap.authentication.userNameformat=%s@mydomain.com
ldap.authentication.java.naming.provider.url=ldap://server.mydomain.com:389

and in the log I found this:

10:01:24,405  INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap1] complete

When I go to login I still get an error message:  'the remote server may be unabailable or your authentication details have not been recognized'

I am logging in with just my sAMAccountName as our UPN is sAMAccountName@mydomain.com

any ideas?

thank you for all of your help with this!
0 Kudos

docjay
Champ in-the-making
Champ in-the-making

‎03-22-2011 09:15 AM

does anyone have any ideas that I can try?

thanks
0 Kudos

muralie39
Champ on-the-rise
Champ on-the-rise

‎03-23-2011 05:42 AM

HI,
add the default user name & password

ldap.authentication.defaultAdministratorUserNames=admin
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=admin
ldap.synchronization.java.naming.security.credentials=<password>

try it…
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC