
LDAP configuration

ronca_lapor
Champ in-the-making
Hello everyone

You guys are probably tired of hearing the same questions over and over again, but I have been searching everywhere lately and I could not find a solution to my problem.

Basically I have an Alfresco server running on an Ubuntu server 9.1 with the IP of 10.10.1.23 (http://10.10.1.23:8080/share) and I also have an LDAP server running on a machine under the IP 10.10.1.40 (running slapd, phpldapadmin, ldap-utils) which has a whole bunch of users added.

Now ideally, what I am looking forward to do is to set the properties of Alfresco to look into the LDAP server for users and authorise these users into logging on to Alfresco and CIFS.

I have been playing around with the ldap server config files as well as the properties files of alfresco, nothing has seemed to work so far.

Is there any way to do such a thing?

Any help will be most appreciated.
5 REPLIES

sselvan
Champ in-the-making
Are you trying to do Authentication only or Synchronization also? Based on your explanation, only authentication on LDAP server.

You might want to edit the following files -
  • ldap-authentication.properties
  • ldap-authentication-context.xml
  • ldap-synchronisation.properties
  • ldap-synchronisation-context.xml

Though it is an old post, it can be of some help to you - http://forums.alfresco.com/en/viewtopic.php?f=14&t=13660.
Depending on your Alfresco version, you will be editing fewer files.

Some Wiki pages for your help -
http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems
http://wiki.alfresco.com/wiki/Enterprise_Security_and_Authentication_Configuration

    sselvan
    Champ in-the-making

    ronca_lapor
    Champ in-the-making
    The big problem is:

    In the file ldap-authentication.properties

    I have seen many different examples for the ldap.authentication.userNameFormat; examples like

    ldap.authentication.userNameFormat=cn\=%s,ou\=Users,ou\=Corporate,dc\=sepracor,dc\=com
    and
    ldap.authentication.userNameFormat=%s@nacc.local
    and
    ldap.authentication.userNameFormat=cn=%s,ou=marketing,dc= etc

    Each case is a case; how can I know what's gonna work for me…
    Can anyone break it down to stating or perhaps explaining what each one of those "cn\" "ou\" "dc\" stand for and how I can find out what's gonna work for me?

    sselvan
    Champ in-the-making
    Best thing is to check with your LDAP Admin group, if there is any. (That is what I do :))

    userNameFormat differs case by case as you guessed - uid=%s,ou=people,dc=domain,dc=com

    You could use just %s, that will be sufficient in most of the cases.

    Further, if you want to understand the LDAP terms, here is a useful Wiki page to learn about ou, dc etc. - http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol#Directory_structure

    dward
    Champ on-the-rise
    FYI you should be able to leave the userNameFormat empty

    ldap.authentication.userNameFormat=

    Which means that LDAP sync will resolve a DN from a UID using your configured personQuery and the UID attribute. This is now the default for non-AD systems in Alfresco v3.2.
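
Added example, not written by any poster in this thread and not Alfresco's own code: a Python illustration of how the `userNameFormat` variants discussed above turn a typed login name into the identity sent in the LDAP bind, what `cn`, `ou`, `dc` and `uid` label in that identity, and why the login name should be escaped before it is placed inside a DN. All function names are hypothetical, and the escaping shown is the general RFC 4514 rule, not a statement about what Alfresco does internally.

```python
import re

# Attribute abbreviations that appear in the DN examples in this thread.
RDN_NAMES = {"cn": "common name", "uid": "user id",
             "ou": "organizational unit", "dc": "domain component"}

def load_property_value(raw):
    # Java .properties loading drops the backslash in "\=", so "cn\=%s" and
    # "cn=%s" are the same value. Simplified: \t, \n, \uXXXX are not handled.
    return re.sub(r"\\(.)", r"\1", raw.strip())

def escape_dn_value(value):
    # RFC 4514: escape \ , + " < > ; anywhere, '#' or space at the start,
    # space at the end, and NUL, so a login name cannot add DN components.
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        if ch in '\\,+"<>;' or (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)

def bind_identity(user_name_format, username):
    # Returns the identity used for the bind, or None when the format is
    # empty and the DN must first be looked up by searching on the UID.
    fmt = load_property_value(user_name_format)
    if not fmt:
        return None
    # DN templates get an escaped value; "%s" or "%s@domain" take it as typed.
    value = escape_dn_value(username) if "=" in fmt else username
    return fmt.replace("%s", value)

def explain_dn(dn):
    # Split on unescaped commas only, then label each component's attribute.
    parts = re.findall(r"(?:\\.|[^,\\])+", dn)
    return [(p, RDN_NAMES.get(p.split("=", 1)[0].strip().lower(), "other"))
            for p in parts]

if __name__ == "__main__":
    # Constructed inputs: formats quoted from the thread, login names invented.
    for fmt, user in [(r"uid\=%s,ou\=people,dc\=domain,dc\=com", "jdoe"),
                      ("%s@nacc.local", "jdoe"), ("", "jdoe"),
                      ("uid=%s,ou=people,dc=domain,dc=com", "x,ou=admins")]:
        ident = bind_identity(fmt, user)
        print(repr(fmt), "->", ident, explain_dn(ident) if ident and "=" in ident else "")
```
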