I have followed all the forum posts for getting LDAP to work and believe I have it right, but the only user that can log in is the actual bind account user. I am on Alfresco 3.x, Windows Server 2003 Standard, Full Install from Alfresco Community, etc. Please review the following file and let me know if anyone sees anything wrong that would cause just the actual bind account to log in and no one else.
My ldap-authentication.properties file is the following:
#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
# How to map the user id entered by the user to that passed through to LDAP
# - simple
# - this must be a DN and would be something like
# CN=%s,DC=company,DC=com
# - digest
# - usually pass through what is entered
# %s
ldap.authentication.userNameFormat=%s
# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://pxdc05.us.pxd.pvt:389
#ldap.authentication.java.naming.provider.url=ldap://172.01.120.3:389
# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=SIMPLE
# The default principal to use (only used for LDAP sync)
ldap.authentication.java.naming.security.principal=CN=alf-mgr,OU=ServiceAccounts,OU=Communities,DC=us,DC=pxd,DC=pvt
#ldap.authentication.java.naming.security.principal=CN=alf-mgr
# The password for the default principal (only used for LDAP sync)
ldap.authentication.java.naming.security.credentials=Xb1z3R5#
# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false
# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false
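
Added example (not part of the original post and not Alfresco's own code): a small Python model of the mapping the file's comments describe, where the typed user id is substituted into ldap.authentication.userNameFormat, optionally with commas escaped, and the result is checked for the DN shape that the comments say simple authentication expects. The function names and the sample user ids jsmith and Smith, John are assumptions made for illustration.

```python
import re

# One RDN of the form attr=value (a simplified shape check, not a full RFC 4514 parser).
RDN = re.compile(r"\s*[A-Za-z][A-Za-z0-9-]*\s*=\s*\S.*")

def bind_principal(user_name_format, user_id, escape_commas_in_bind=False):
    """Substitute the typed user id into the userNameFormat template."""
    if escape_commas_in_bind:
        user_id = user_id.replace(",", "\\,")  # "Smith, John" -> "Smith\, John"
    return user_name_format.replace("%s", user_id)

def split_rdns(name):
    """Split on commas that are not backslash-escaped."""
    parts, cur, i = [], "", 0
    while i < len(name):
        if name[i] == "\\" and i + 1 < len(name):
            cur += name[i:i + 2]  # keep the escape pair together
            i += 2
            continue
        if name[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += name[i]
        i += 1
    parts.append(cur)
    return parts

def looks_like_dn(name):
    """True when every comma-separated component has the attr=value shape."""
    return all(RDN.fullmatch(p) for p in split_rdns(name))

if __name__ == "__main__":
    dn_format = "CN=%s,DC=company,DC=com"  # DN template from the file's comment
    cases = [  # (userNameFormat, typed user id, escapeCommasInBind); user ids are constructed
        ("%s", "jsmith", False),
        (dn_format, "jsmith", False),
        (dn_format, "Smith, John", False),
        (dn_format, "Smith, John", True),
    ]
    for fmt, uid, esc in cases:
        principal = bind_principal(fmt, uid, esc)
        print(f"{fmt!r:28} {uid!r:14} escape={esc!s:5} -> {principal!r} dn={looks_like_dn(principal)}")
```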