Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ldap synchronization take all users

mmuller
Champ in-the-making
Champ in-the-making

‎08-09-2010 04:42 AM

I have alfresco 3.3

And i wish to use ldap synchronization.

In my ldap-synchronization-proporties i've set all variables and in row with person type ldap I've set inetOrgPerson

Now I have ldap.synchronization.personType=inetOrgPerson

but my afresco takie from ldap all users with type class inetOrgPerson and users without class inetOrgPerson.

but it isnt one problem because Alfresco takes the group and uses them as a user and at the same time as your group account

What is wrong ?


ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=cn=%s,ou=dyrekcja,ou=bet-edu,o=bet-hol
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://10.10.20.3:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=mmuller
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=cn=ldapuser,ou=SERVICES,ou=BET-EDU,o=BET-HOL
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.queryBatchSize=0
ldap.synchronization.attributeBatchSize=0
ldap.synchronization.groupQuery=(&(description=*Alfresco*)(objectclass=groupOfUniqueNames))
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=o\=BET-HOL
ldap.synchronization.userSearchBase=o\=BET-HOL
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=cn
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o\=bet-hol
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=cn
ldap.synchronization.groupType=groupOfUniqueNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

Labels:
0 Kudos
2 REPLIES 2

uptime365
Champ in-the-making
Champ in-the-making

‎08-09-2010 08:46 AM

Hi,

Have you tried group query directive as below,

ldap.synchronization.groupQuery=(objectclass\=groupOfUniqueNames)


Uptime
0 Kudos

mmuller
Champ in-the-making
Champ in-the-making

‎08-09-2010 09:12 AM

Problem concerns the fact that all objects are downloaded from the LDAP.
It should only retrieve from LDAP object with class inetOrgPerson.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2026 Khoros, LLC