Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP Sync - Two OU- Ignoring non-existent member Issue

maruthuv
Champ in-the-making
Champ in-the-making

‎02-16-2015 11:55 PM

Hi

I am very new to Alfresco. Please help me to find solution. I have configured two LDAP AD sync and my authentication chain looks like below

authentication.chain=ldap1:ldap-ad,ldap2:ldap-mailer,alfrescoNtlm1:alfrescoNtlm


The requirement is that i need to sync two different OU's. So i configured two ldap configuration

ldap1 configuration sync users + groups and my configuration looks like below

ldap.synchronization.groupSearchBase=OU\=Grouper,OU\=Groups,DC=domain,DC=com
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(whenChanged<\={0})))

ldap.synchronization.userSearchBase=OU\=Employees,OU\=Users,DC=domain,DC=com
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))


ldap2 configuration want that to sync only Mailer groups and no users since i already the users are synced in ldap1

ldap.synchronization.groupSearchBase=OU\=Mailer,OU\=Groups,DC=domain,DC=com
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(whenChanged<\={0})))

ldap.synchronization.userSearchBase=OU\=Employees,OU\=Users,DC=domain,DC=com
ldap.synchronization.personQuery=(&(objectclass\=<strong>skiballusers</strong>)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=<strong>skiballusers</strong>)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))



The ldap1 sync works find and when i try to syn the ldap2, the sync doesn't add missing users to the groups. I am getting following warning and there is no sync happen. But the removal of the user is working fine.

<strong>Ignoring non-existent member 'user1' in groups {'groupname1', 'groupname2'}</strong>

Please help me to find out where is the mistake.

Thanks
Mars
Labels:
0 Kudos
3 REPLIES 3

bopolissimus
Confirmed Champ
Confirmed Champ

‎12-15-2015 06:16 PM

Hi all,

I'm seeing exactly this same thing with OpenLDAP and Alfresco CE 5.0.d.  Is this a known issue?

Gerald Quimpo
0 Kudos

bopolissimus
Confirmed Champ
Confirmed Champ

‎12-15-2015 06:32 PM

https://issues.alfresco.com/jira/browse/ALF-21388

indicates that this is a feature, not a bug.  It's a bit frustrating since it seems this has worked in the past but the behavior has changed.

https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-lda...

and mroger's conjecture that it should work:

https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-lda...

0 Kudos

bopolissimus
Confirmed Champ
Confirmed Champ

‎12-15-2015 06:34 PM

posting this since a previous similar post was queued for admins to review (and I've been away from this forum for a while so I don't know when that's likely to be accepted).  Here's hoping this doesn't trip any review-required filters.  although I'm not that helpful.

https://issues.alfresco.com/jira/browse/ALF-21388

https://forums.alfresco.com/forum/installation-upgrades-configuration-integration/authentication-lda...
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC