Hi everybody,
I've installed a test environment (WebClient+Share) with these features:
- Authentication passthru, SSO
- CIFS, FTP, Webdav
SSO authentication doesn't automatically give me the fields from my Active Directory (lastname, firstname, mail …), so I've installed LDAP-AD sync (not authentication). Everything works fine.
After several tests, sync launches itself at Alfresco startup. So I found and set this parameter:
synchronization.syncOnStartup=false
As I want a new user (unknown to Alfresco) to be created automatically, with information from AD, I also set:
# Should we trigger a differential sync when missing people log in?
synchronization.syncWhenMissingPeopleLogIn=false
# Should we auto create a missing person on log in?
synchronization.autoCreatePeopleOnLogin=true
My problem: when an unknown user tries to connect, sync launches itself over my whole AD (configured in synchronization.groupSearchBase & synchronization.userSearchBase).
I don't want to sync all my AD users (I want only new unknown users who try to connect at least once).
I want to create only this user and pick up his AD information when he connects.
I've tried (unsuccessfully):
synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(sAMAccountName\=%s))
or
synchronization.userSearchBase=DC\=my,DC\=organization,DC\=infos,DC\=com,sAMAccountName\=%s
If it is possible, how?
Any help would be welcome.