LDAP: constantly trying to authenticate user 'admin'

flob
Champ in-the-making
Hi there!

During the past months I found a lot of helpful information in these forums and posted some solutions back to the community. For my current problem, I wasn't able to get a single clue so far. Maybe some of you could help me out.

I was able to configure Alfresco (3.4d CE, Tomcat 6, SUSE Enterprise 11) to authenticate users against our LDAP services (Novell eDirectory).
My alfresco-global.properties contains the following statements regarding LDAP integration:

authentication.chain=urLDAP:ldap
urLDAP
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=cn=%s,ou=myBranch,o=myCompany,c=de
ldap.authentication.java.naming.provider.url=ldaps://ldapserver:636/
ldap.authentication.defaultAdministratorUserNames=myAdminName
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
alfresco.authentication.authenticateCIFS=false
synchronization.syncOnStartup=false
ldap.synchronization.active=false
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn

Now, users are able to log in using their LDAP credentials, which is exactly what I intended. But, it seems, no success without some quirk:

Whenever Alfresco is running, every five seconds it tries to authenticate the user "admin", which definitely exists in the tree (ldap.authentication.userNameFormat), but should never be used for Alfresco. I thought this could be avoided by specifying a certain LDAP user as admin (ldap.authentication.defaultAdministratorUserNames), which was no cure.

I also tried to deactivate the "admin" account, which is only possible when Alfresco's built-in authentication mechanism is in use, but whenever I switch back to LDAP authentication mode and restart Alfresco, "admin" is reactivated and can't be deactivated again. Again, every five seconds I can see this in the debug logs:

17:38:54,379 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl] Authenticating user "admin"
17:38:57,458 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl] Failed to authenticate user "admin"
org.alfresco.repo.security.authentication.AuthenticationException: 08200077 LDAP authentication failed.

Even
synchronization.syncOnStartup=false
ldap.synchronization.active=false
brought no change.

As you can imagine, our LDAP administrator is not so overwhelmingly happy, because five wrong authentication attempts render the admin account blocked.

So, please, could one explain to me
a) what Alfresco is doing every five seconds that triggers a login attempt
b) how this can be deactivated

Thank you very much for any hint,

best regards,

Flo
1 REPLY

flob
Champ in-the-making
And while trying to solve a partly different problem I found the solution to my own question.

The reason for this behaviour is the fact that I tried to authenticate against LDAP exclusively.
But some subsystems of Alfresco depend on the admin account and - exclusively LDAP, you remember - tried to authenticate against a non-existent admin account in LDAP, again and again.

So I chained LDAP and AlfrescoNtlm for a fallback: if a user is not found in LDAP, he/she is looked up locally in Alfresco's user db.
Then I created a particular service user wcmqs_user and provided its credentials within the following files (search for admin and its initial password):


<ALF>/tomcat/shared/classes/alfresco/extension/wqsapi-custom.properties
<ALF>/virtual-tomcat/conf/alfresco-virtserver.properties
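
Added example, not part of the original posts or of Alfresco: a log check that would surface this situation before the directory locks the account. It reads lines in the debug format quoted in the thread and flags any user whose failed LDAP binds reach the five-attempt lockout figure mentioned above at a regular, timer-like interval. The function name, the jitter limit and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median, pstdev

# Failure line format as quoted in the thread's debug log.
FAIL_RE = re.compile(
    r'^(\d{2}:\d{2}:\d{2}),\d{3} DEBUG '
    r'\[org\.alfresco\.repo\.security\.authentication\.ldap\.'
    r'LDAPAuthenticationComponentImpl\] Failed to authenticate user "([^"]+)"')

LOCKOUT_THRESHOLD = 5     # from the thread: five wrong attempts block the account
MAX_JITTER_SECONDS = 1.0  # assumption: a timer-driven caller drifts by under 1 s


def find_periodic_failures(lines, threshold=LOCKOUT_THRESHOLD):
    """Return {user: (failure_count, median_gap_seconds)} for accounts whose
    failed binds reach the threshold at a steady interval. The log carries
    only HH:MM:SS, so the input is assumed to cover a single day."""
    stamps = defaultdict(list)
    for line in lines:
        m = FAIL_RE.match(line)
        if m:
            stamps[m.group(2)].append(datetime.strptime(m.group(1), "%H:%M:%S"))
    flagged = {}
    for user, times in stamps.items():
        if len(times) < max(threshold, 2):
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        if pstdev(gaps) <= MAX_JITTER_SECONDS:  # steady cadence: a service, not a person
            flagged[user] = (len(times), median(gaps))
    return flagged


# Constructed sample log: same line format as the thread, invented timestamps.
_PFX = ("DEBUG [org.alfresco.repo.security.authentication.ldap."
        "LDAPAuthenticationComponentImpl]")
SAMPLE_LOG = [
    f'17:38:{s:02d},458 {_PFX} Failed to authenticate user "admin"'
    for s in (2, 7, 12, 17, 22, 27)
] + [
    f'17:{m}:10,101 {_PFX} Failed to authenticate user "jdoe"'
    for m in (39, 44, 58)
] + [f'17:38:54,379 {_PFX} Authenticating user "admin"']

if __name__ == "__main__":
    for user, (count, gap) in find_periodic_failures(SAMPLE_LOG).items():
        print(f"{user}: {count} failed binds, one every {gap:.0f}s")
```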