LDAP users disappear

martin_w
Champ in-the-making
Using Alfresco Community 4.2C, Windows x64 (Server 2008 R2).
I have successfully integrated Active Directory groups/users; however, for no reason I can see, all the users get completely removed?
The service did not restart.
If I restart the service then the users get imported in again, but they have lost membership to groups and sites they have joined.
Also, each time they are re-created, a new "home space" is also created for each user, resulting in "User-1,User-10,User-11,User-12,User-3" etc. etc…

Here is my ldap-ad-authentication.properties:

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@mydomain.ca
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://192.168.1.125:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=CN=myuser,CN=Users,DC=mydomain,DC=ca
ldap.synchronization.java.naming.security.credentials=mypassword
ldap.synchronization.groupQuery=(&(objectclass=group)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=ca))
ldap.synchronization.groupDifferentialQuery=(&(objectclass=group)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=ca))
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=cal)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=ca)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.groupSearchBase=dc\=mydomain,dc\=ca
ldap.synchronization.userSearchBase=dc\=mydomain,dc\=ca
ldap.synchronization.modifyTimestampAttributeName=whenChanged
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
synchronization.synchronizeChangesOnly=false
synchronization.autoCreatePeopleOnLogin=false
synchronization.syncWhenMissingPeopleLogIn=false



(Edit) Added log file.
You can see where it is deleting all 33 of the users, but why is it doing this?





2013-07-11 09:17:30 Commons Daemon procrun stdout initialized
2013-07-11 09:17:40,139  WARN  [handler.component.SpellCheckComponent] [localhost-startStop-1] No queryConverter defined, using default converter
2013-07-11 09:17:41,356  WARN  [handler.component.SpellCheckComponent] [localhost-startStop-1] No queryConverter defined, using default converter
2013-07-11 09:18:07,596  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'sysAdmin' subsystem, ID: [sysAdmin, default]
2013-07-11 09:18:07,611  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'sysAdmin' subsystem, ID: [sysAdmin, default] complete
2013-07-11 09:18:23,680  INFO  [extensions.webscripts.TemplateProcessorRegistry] [localhost-startStop-1] Registered template processor Repository Template Processor for extension ftl
2013-07-11 09:18:23,680  INFO  [extensions.webscripts.ScriptProcessorRegistry] [localhost-startStop-1] Registered script processor Repository Script Processor for extension js
2013-07-11 09:18:30,372  INFO  [domain.schema.SchemaBootstrap] [localhost-startStop-1] Connecting to database: jdbc:postgresql://localhost:5432/alfresco, UserName=alfresco, PostgreSQL Native Driver
2013-07-11 09:18:30,372  INFO  [domain.schema.SchemaBootstrap] [localhost-startStop-1] Schema managed by database dialect org.hibernate.dialect.PostgreSQLDialect.
2013-07-11 09:18:33,211  INFO  [domain.schema.SchemaBootstrap] [localhost-startStop-1] No changes were made to the schema.
2013-07-11 09:18:34,725  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Search' subsystem, ID: [Search, managed, solr]
2013-07-11 09:18:34,881  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Search' subsystem, ID: [Search, managed, solr] complete
2013-07-11 09:18:35,099  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'thirdparty' subsystem, ID: [thirdparty, default]
2013-07-11 09:18:36,019  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'thirdparty' subsystem, ID: [thirdparty, default] complete
2013-07-11 09:18:36,019  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'OOoDirect' subsystem, ID: [OOoDirect, default]
2013-07-11 09:18:38,500  WARN  [alfresco.util.OpenOfficeConnectionTester] [localhost-startStop-1] An initial OpenOffice connection could not be established.
2013-07-11 09:18:38,500  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'OOoDirect' subsystem, ID: [OOoDirect, default] complete
2013-07-11 09:18:38,500  INFO  [repo.admin.ConfigurationChecker] [localhost-startStop-1] The Alfresco root data directory ('dir.root') is: C:\Alfresco\alf_data
2013-07-11 09:18:38,515  INFO  [admin.patch.PatchExecuter] [localhost-startStop-1] Checking for patches to apply …
2013-07-11 09:18:39,249  INFO  [admin.patch.PatchExecuter] [localhost-startStop-1] No patches were required.
2013-07-11 09:18:39,264  INFO  [repo.module.ModuleServiceImpl] [localhost-startStop-1] Found 2 module(s).
2013-07-11 09:18:39,342  INFO  [repo.module.ModuleServiceImpl] [localhost-startStop-1] Starting module 'org_alfresco_module_rm' version 2.0.1.
2013-07-11 09:18:39,451  INFO  [repo.module.ModuleServiceImpl] [localhost-startStop-1] Starting module 'org.alfresco.module.vti' version 1.2.
2013-07-11 09:18:39,467  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'fileServers' subsystem, ID: [fileServers, default]
2013-07-11 09:18:40,138  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, alfinst]
2013-07-11 09:18:40,387  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, alfinst] complete
2013-07-11 09:18:40,387  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, ldap1]
2013-07-11 09:18:40,481  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap1] complete
2013-07-11 09:18:40,637  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'fileServers' subsystem, ID: [fileServers, default] complete
2013-07-11 09:18:40,637  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'imap' subsystem, ID: [imap, default]
2013-07-11 09:18:53,710  INFO  [repo.imap.AlfrescoImapServer] [localhost-startStop-1] IMAP service started on host:port 192.168.1.110:143
2013-07-11 09:18:53,710  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'imap' subsystem, ID: [imap, default] complete
2013-07-11 09:18:53,710  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'email' subsystem, ID: [email, outbound]
2013-07-11 09:18:53,757  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'email' subsystem, ID: [email, outbound] complete
2013-07-11 09:18:53,757  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'email' subsystem, ID: [email, inbound]
2013-07-11 09:18:53,850  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'email' subsystem, ID: [email, inbound] complete
2013-07-11 09:18:53,850  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'googledocs' subsystem, ID: [googledocs, default]
2013-07-11 09:18:53,913  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'googledocs' subsystem, ID: [googledocs, default] complete
2013-07-11 09:18:53,913  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Subscriptions' subsystem, ID: [Subscriptions, default]
2013-07-11 09:18:53,928  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Subscriptions' subsystem, ID: [Subscriptions, default] complete
2013-07-11 09:18:53,928  INFO  [repo.usage.UserUsageTrackingComponent] [localhost-startStop-1] Disabled - clear non-missing user usages …
2013-07-11 09:18:53,960  INFO  [repo.usage.UserUsageTrackingComponent] [localhost-startStop-1] Found 0 users to clear
2013-07-11 09:18:53,960  INFO  [repo.usage.UserUsageTrackingComponent] [localhost-startStop-1] … cleared non-missing usages for 0 users
2013-07-11 09:18:53,960  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Synchronization' subsystem, ID: [Synchronization, default]
2013-07-11 09:18:54,022  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronizing users and groups with user registry 'ldap1'
2013-07-11 09:18:54,084  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Retrieving groups changed since Jun 21, 2013 1:08:11 PM from user registry 'ldap1'
2013-07-11 09:18:54,116  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] ldap1 Group Analysis: Commencing batch of 0 entries
2013-07-11 09:18:54,116  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] ldap1 Group Analysis: Completed batch of 0 entries
2013-07-11 09:18:54,131  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Retrieving users changed since Jul 10, 2013 8:38:17 AM from user registry 'ldap1'
2013-07-11 09:18:54,147  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] ldap1 User Creation and Association: Commencing batch of 33 entries
2013-07-11 09:18:58,125  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] ldap1 User Creation and Association: Processed 33 entries out of 33. 100% complete. Rate: 8 per second. 0 failures detected.
2013-07-11 09:18:58,125  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] ldap1 User Creation and Association: Completed batch of 33 entries
2013-07-11 09:18:58,187  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Finished synchronizing users and groups with user registry 'ldap1'
2013-07-11 09:18:58,187  INFO  [security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] 33 user(s) and 0 group(s) processed
2013-07-11 09:18:58,218  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete
2013-07-11 09:18:58,265  INFO  [service.descriptor.DescriptorService] [localhost-startStop-1] Alfresco JVM - v1.7.0_07-b10; maximum heap size 910.250MB
2013-07-11 09:18:58,265  INFO  [service.descriptor.DescriptorService] [localhost-startStop-1] Alfresco started (Community). Current version: 4.2.0 (4576) schema 6,022. Originally installed version: 4.2.0 (4576) schema 6,022.
2013-07-11 09:18:58,265  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'ActivitiesFeed' subsystem, ID: [ActivitiesFeed, default]
2013-07-11 09:18:58,359  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'ActivitiesFeed' subsystem, ID: [ActivitiesFeed, default] complete
2013-07-11 09:18:58,359  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Replication' subsystem, ID: [Replication, default]
2013-07-11 09:18:58,390  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Replication' subsystem, ID: [Replication, default] complete
2013-07-11 09:18:59,685  INFO  [module.vti.VtiServer] [localhost-startStop-1] Vti server started successfully on port: 7070
2013-07-11 09:18:59,685  INFO  [module.vti.VtiServer] [localhost-startStop-1] Vti server SessionIdManagerWorkerName: jetty1
2013-07-11 09:19:00,106  WARN  [alfresco.util.OpenOfficeConnectionTester] [DefaultScheduler_Worker-4] Error trying to query Open Office version information. OpenOffice.org's ConfigurationRegistry not implemented in this version of OOo. This should not affect the operation of OOo.
2013-07-11 09:19:00,106  INFO  [alfresco.util.OpenOfficeConnectionTester] [DefaultScheduler_Worker-4] The OpenOffice connection was re-established.
2013-07-11 09:19:06,689  INFO  [extensions.webscripts.DeclarativeRegistry] [localhost-startStop-1] Registered 551 Web Scripts (+0 failed), 842 URLs
2013-07-11 09:19:06,689  INFO  [extensions.webscripts.DeclarativeRegistry] [localhost-startStop-1] Registered 2 Package Description Documents (+0 failed)
2013-07-11 09:19:06,689  INFO  [extensions.webscripts.DeclarativeRegistry] [localhost-startStop-1] Registered 1 Schema Description Documents (+0 failed)
2013-07-11 09:19:06,689  INFO  [extensions.webscripts.AbstractRuntimeContainer] [localhost-startStop-1] Initialised Repository Web Script Container (in 6475.9507ms)
2013-07-11 09:19:06,705  INFO  [extensions.webscripts.TemplateProcessorRegistry] [localhost-startStop-1] Registered template processor freemarker for extension ftl
2013-07-11 09:19:06,705  INFO  [extensions.webscripts.ScriptProcessorRegistry] [localhost-startStop-1] Registered script processor javascript for extension js
2013-07-11 09:19:20,589  INFO  [extensions.webscripts.TemplateProcessorRegistry] [localhost-startStop-1] Registered template processor freemarker for extension ftl
2013-07-11 09:19:20,667  INFO  [extensions.webscripts.ScriptProcessorRegistry] [localhost-startStop-1] Registered script processor javascript for extension js
2013-07-11 09:19:20,667  INFO  [extensions.webscripts.TemplateProcessorRegistry] [localhost-startStop-1] Registered template processor freemarker for extension ftl
2013-07-11 09:19:20,683  INFO  [extensions.webscripts.ScriptProcessorRegistry] [localhost-startStop-1] Registered script processor javascript for extension js
2013-07-11 09:19:24,895  INFO  [extensions.webscripts.DeclarativeRegistry] [localhost-startStop-1] Registered 378 Web Scripts (+0 failed), 392 URLs
2013-07-11 09:19:24,895  INFO  [extensions.webscripts.DeclarativeRegistry] [localhost-startStop-1] Registered 8 Package Description Documents (+0 failed)
2013-07-11 09:19:24,895  INFO  [extensions.webscripts.DeclarativeRegistry] [localhost-startStop-1] Registered 0 Schema Description Documents (+0 failed)
2013-07-11 09:19:25,176  INFO  [extensions.webscripts.AbstractRuntimeContainer] [localhost-startStop-1] Initialised Spring Surf Container Web Script Container (in 4484.9575ms)
2013-07-11 09:19:25,176  INFO  [extensions.webscripts.TemplateProcessorRegistry] [localhost-startStop-1] Registered template processor freemarker for extension ftl
2013-07-11 09:19:25,176  INFO  [extensions.webscripts.ScriptProcessorRegistry] [localhost-startStop-1] Registered script processor javascript for extension js
2013-07-11 09:23:40,145  INFO  [web.site.EditionInterceptor] [http-apr-80-exec-2] Successfully retrieved license information from Alfresco.
2013-07-11 09:23:46,183  INFO  [web.scripts.ImapServerStatus] [http-apr-80-exec-2] Successfully retrieved IMAP server status from Alfresco: enabled
2013-07-12 00:00:00,036  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] Synchronizing users and groups with user registry 'ldap1'
2013-07-12 00:00:00,052  WARN  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] Full synchronization with user registry 'ldap1'
2013-07-12 00:00:00,052  WARN  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] Some users and groups previously created by synchronization with this user registry may be removed.
2013-07-12 00:00:00,067  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] Retrieving groups changed since Jun 21, 2013 1:08:11 PM from user registry 'ldap1'
2013-07-12 00:00:00,099  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 Group Analysis: Commencing batch of 0 entries
2013-07-12 00:00:00,099  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 Group Analysis: Completed batch of 0 entries
2013-07-12 00:00:00,145  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] Retrieving users changed since Jul 11, 2013 7:32:33 AM from user registry 'ldap1'
2013-07-12 00:00:00,161  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 User Creation and Association: Commencing batch of 33 entries
2013-07-12 00:00:00,208  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 User Creation and Association: Processed 33 entries out of 33. 100% complete. Rate: 702 per second. 0 failures detected.
2013-07-12 00:00:00,208  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 User Creation and Association: Completed batch of 33 entries
2013-07-12 00:00:00,333  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 Authority Deletion: Commencing batch of 34 entries
2013-07-12 00:00:01,144  WARN  [security.sync.ChainingUserRegistrySynchronizer] [ldap1 Authority Deletion1] ldap1 Authority Deletion: Failed to process entry "Guest".
org.alfresco.error.AlfrescoRuntimeException: 06121982 The Guest user cannot be deleted.
   at org.alfresco.repo.security.person.PersonServiceImpl.beforeDeleteNode(PersonServiceImpl.java:1517)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.alfresco.repo.policy.JavaBehaviour$JavaMethodInvocationHandler.invoke(JavaBehaviour.java:173)
   at $Proxy26.beforeDeleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor996.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.alfresco.repo.policy.PolicyFactory$MultiHandler.invoke(PolicyFactory.java:300)
   at org.alfresco.repo.policy.$Proxy273.beforeDeleteNode(Unknown Source)
   at org.alfresco.repo.node.AbstractNodeServiceImpl.invokeBeforeDeleteNode(AbstractNodeServiceImpl.java:482)
   at org.alfresco.repo.node.db.DbNodeServiceImpl.deleteNode(DbNodeServiceImpl.java:1170)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at org.alfresco.repo.tenant.MultiTNodeServiceInterceptor.invoke(MultiTNodeServiceInterceptor.java:105)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at $Proxy7.deleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.alfresco.repo.service.StoreRedirectorProxyFactory$RedirectorInvocationHandler.invoke(StoreRedirectorProxyFactory.java:215)
   at $Proxy35.deleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at org.alfresco.repo.tagging.TagScopePropertyMethodInterceptor.invoke(TagScopePropertyMethodInterceptor.java:152)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.alfresco.repo.node.MLPropertyInterceptor.invoke(MLPropertyInterceptor.java:306)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.alfresco.repo.node.NodeRefPropertyMethodInterceptor.invoke(NodeRefPropertyMethodInterceptor.java:269)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at $Proxy7.deleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:196)
   at $Proxy7.deleteNode(Unknown Source)
   at org.alfresco.repo.security.person.PersonServiceImpl.deletePersonImpl(PersonServiceImpl.java:1153)
   at org.alfresco.repo.security.person.PersonServiceImpl.deletePerson(PersonServiceImpl.java:1098)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1AuthorityDeleter.process(ChainingUserRegistrySynchronizer.java:1764)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1AuthorityDeleter.process(ChainingUserRegistrySynchronizer.java:1736)
   at org.alfresco.repo.batch.BatchProcessor$TxnCallback.execute(BatchProcessor.java:712)
   at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:433)
   at org.alfresco.repo.batch.BatchProcessor$TxnCallback.run(BatchProcessor.java:756)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
   at java.lang.Thread.run(Thread.java:722)
2013-07-12 00:00:02,095  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 Authority Deletion: Processed 34 entries out of 34. 100% complete. Rate: 19 per second. 1 failures detected.
2013-07-12 00:00:02,095  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 Authority Deletion: Completed batch of 34 entries
2013-07-12 00:00:02,095  ERROR [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] ldap1 Authority Deletion: 1 error(s) detected. Last error from entry "Guest"
org.alfresco.error.AlfrescoRuntimeException: 06121982 The Guest user cannot be deleted.
   at org.alfresco.repo.security.person.PersonServiceImpl.beforeDeleteNode(PersonServiceImpl.java:1517)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.alfresco.repo.policy.JavaBehaviour$JavaMethodInvocationHandler.invoke(JavaBehaviour.java:173)
   at $Proxy26.beforeDeleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor996.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.alfresco.repo.policy.PolicyFactory$MultiHandler.invoke(PolicyFactory.java:300)
   at org.alfresco.repo.policy.$Proxy273.beforeDeleteNode(Unknown Source)
   at org.alfresco.repo.node.AbstractNodeServiceImpl.invokeBeforeDeleteNode(AbstractNodeServiceImpl.java:482)
   at org.alfresco.repo.node.db.DbNodeServiceImpl.deleteNode(DbNodeServiceImpl.java:1170)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at org.alfresco.repo.tenant.MultiTNodeServiceInterceptor.invoke(MultiTNodeServiceInterceptor.java:105)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at $Proxy7.deleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.alfresco.repo.service.StoreRedirectorProxyFactory$RedirectorInvocationHandler.invoke(StoreRedirectorProxyFactory.java:215)
   at $Proxy35.deleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
   at org.alfresco.repo.tagging.TagScopePropertyMethodInterceptor.invoke(TagScopePropertyMethodInterceptor.java:152)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.alfresco.repo.node.MLPropertyInterceptor.invoke(MLPropertyInterceptor.java:306)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.alfresco.repo.node.NodeRefPropertyMethodInterceptor.invoke(NodeRefPropertyMethodInterceptor.java:269)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
   at $Proxy7.deleteNode(Unknown Source)
   at sun.reflect.GeneratedMethodAccessor1006.invoke(Unknown Source)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
   at java.lang.reflect.Method.invoke(Method.java:601)
   at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:196)
   at $Proxy7.deleteNode(Unknown Source)
   at org.alfresco.repo.security.person.PersonServiceImpl.deletePersonImpl(PersonServiceImpl.java:1153)
   at org.alfresco.repo.security.person.PersonServiceImpl.deletePerson(PersonServiceImpl.java:1098)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1AuthorityDeleter.process(ChainingUserRegistrySynchronizer.java:1764)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1AuthorityDeleter.process(ChainingUserRegistrySynchronizer.java:1736)
   at org.alfresco.repo.batch.BatchProcessor$TxnCallback.execute(BatchProcessor.java:712)
   at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:433)
   at org.alfresco.repo.batch.BatchProcessor$TxnCallback.run(BatchProcessor.java:756)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
   at java.lang.Thread.run(Thread.java:722)
2013-07-12 00:00:02,095  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] Finished synchronizing users and groups with user registry 'ldap1'
2013-07-12 00:00:02,095  INFO  [security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-8] 66 user(s) and 0 group(s) processed
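
Added example (not part of the original post, and not Alfresco code): a small Python check that parses the query lines from the properties file posted above and reports where a full query (personQuery, groupQuery) and its differential counterpart select different objects, plus any differential query that has no {0} timestamp placeholder. It assumes, which the page does not state, that a full synchronization uses the full query to decide which existing authorities to keep and that {0} is where the last-sync timestamp is substituted; the function names are hypothetical.

```python
import re

# Constructed sample: the four query lines copied from the properties file
# in the post above (backslash escapes kept exactly as posted).
POSTED_PROPERTIES = r"""
ldap.synchronization.groupQuery=(&(objectclass=group)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=ca))
ldap.synchronization.groupDifferentialQuery=(&(objectclass=group)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=ca))
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=cal)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf=cn=Alfresco Users,OU=Alfresco,DC=mydomain,DC=ca)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
"""

# (full query key, differential query key) pairs to compare.
QUERY_PAIRS = [
    ("ldap.synchronization.personQuery",
     "ldap.synchronization.personDifferentialQuery"),
    ("ldap.synchronization.groupQuery",
     "ldap.synchronization.groupDifferentialQuery"),
]

# Innermost "(attr op value)" clauses of an LDAP filter.
LEAF = re.compile(r"\(([^()]+)\)")


def parse_properties(text):
    """Minimal Java .properties reader: key=value lines, '#'/'!' comments,
    and backslash escapes such as '\\=' and '\\:' removed from the value.
    Line continuations and \\uXXXX escapes are not handled."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"((?:\\.|[^=:\s\\])+)\s*[=:]\s*(.*)", line)
        if m:
            props[m.group(1)] = re.sub(r"\\(.)", r"\1", m.group(2))
    return props


def leaf_clauses(ldap_filter):
    """Set of leaf clauses, lower-cased because AD compares attribute names
    and DN values case-insensitively. Clauses holding the '{0}' timestamp
    placeholder are skipped: they are expected only in differential queries."""
    return {c.strip().lower() for c in LEAF.findall(ldap_filter)
            if "{0}" not in c}


def compare_sync_queries(props):
    """Report every pair whose full and differential filters differ."""
    findings = []
    for full_key, diff_key in QUERY_PAIRS:
        if full_key not in props or diff_key not in props:
            continue
        full = leaf_clauses(props[full_key])
        diff = leaf_clauses(props[diff_key])
        if full != diff:
            findings.append({
                "full_key": full_key,
                "differential_key": diff_key,
                "only_in_full": sorted(full - diff),
                "only_in_differential": sorted(diff - full),
            })
    return findings


def differentials_without_timestamp(props):
    """Differential queries with no '{0}' placeholder match every object
    on every run instead of only the changed ones."""
    return [diff_key for _, diff_key in QUERY_PAIRS
            if diff_key in props and "{0}" not in props[diff_key]]


if __name__ == "__main__":
    parsed = parse_properties(POSTED_PROPERTIES)
    for finding in compare_sync_queries(parsed):
        print("MISMATCH", finding["full_key"])
        print("  only in full query:        ", finding["only_in_full"])
        print("  only in differential query:", finding["only_in_differential"])
    for key in differentials_without_timestamp(parsed):
        print("NO TIMESTAMP CLAUSE", key)
```

On the posted file this reports one mismatch, in the person queries: the memberOf DN ends in DC=cal in personQuery and in DC=ca in personDifferentialQuery.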



2 REPLIES

martin_w
Champ in-the-making
Well, this is just too frustrating for me; it works for a few days and then bam, all the users get deleted again.
There is no way I can present this to the staff, so I am giving up on using LDAP and will simply create local users.
Thanks anyway, it seems LDAP is a bit of voodoo with Alfresco.

eswbitto
Confirmed Champ
I'm using LDAP-AD authentication and the users and groups are not doing what you describe. The only difference in setup is that I have my config placed in the global.properties file. You might try doing that. I also know that AD should sync with Alfresco every 24 hours. So you might make sure that nothing configured on your AD side is affecting that sync.

Here is a sample of mine which works and I have had no problems at all. Located at /tomcat/shared/classes/alfresco.global.properties


### Authentication Chain for LDAP ###
authentication.chain=ldap-ad1:ldap-ad,alfrescoNtlm1:alfrescoNtlm

### Active Directory Config ###

# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsystem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=true

#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=true

# How to map the user id entered by the user to that passed through to LDAP
# In Active Directory, this can either be the user principal name (UPN) or DN.
# UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a user
#ldap.authentication.userNameFormat=%s@domain
ldap.authentication.userNameFormat=%s@fqdn.ca

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
#ldap.authentication.java.naming.provider.url=ldap://domaincontroller.company.com:389
ldap.authentication.java.naming.provider.url=ldap://fqdn:389

# The authentication mechanism to use for password validation
ldap.authentication.java.naming.security.authentication=simple

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

# Comma separated list of user names who should be considered administrators by default
#ldap.authentication.defaultAdministratorUserNames=Administrator
ldap.authentication.defaultAdministratorUserNames=administrator,alfresco

# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsystem should only be used for
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=true

# The authentication mechanism to use for synchronization
ldap.synchronization.java.naming.security.authentication=simple

# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
#ldap.synchronization.java.naming.security.principal=alfresco@domain
ldap.synchronization.java.naming.security.principal=user@domain

# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=Its a secret

# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=1000

# If positive, this property indicates that range retrieval should be used to fetch
# multi-valued attributes (such as member) in batches of the specified size.
# Overcomes any size limits imposed by Active Directory.
ldap.synchronization.attributeBatchSize=1000

# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=group)

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(whenChanged<\={0})))

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))

# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
#ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=domain
ldap.synchronization.groupSearchBase=   

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
#ldap.synchronization.userSearchBase=ou\=User Accounts,ou=\Alfresco,dc=domain
ldap.synchronization.userSearchBase=

# The name of the operational attribute recording the last update time for a group or user.
ldap.synchronization.modifyTimestampAttributeName=whenChanged

# The timestamp format. Unfortunately, this varies between directory servers.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'

# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=sAMAccountName

# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName

# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn

# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail

# The attribute on person objects in LDAP to map to the organizational id property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=company

# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider

# The attribute on LDAP group objects to map to the authority name property in Alfresco
ldap.synchronization.groupIdAttributeName=cn

# The attribute on LDAP group objects to map to the authority display name property in Alfresco
ldap.synchronization.groupDisplayNameAttributeName=displayName

# The group type in LDAP
ldap.synchronization.groupType=group

# The person type in LDAP
ldap.synchronization.personType=user

# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronization.groupMemberAttributeName=member

# If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries.
ldap.synchronization.enableProgressEstimation=true

# Requests timeout, in milliseconds, use 0 for none (default)
ldap.authentication.java.naming.read.timeout=0
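
Added example (not from either poster and not Alfresco code): a small lint for an LDAP subsystem properties file like the ones in this thread. It flags simple bind over plain ldap://, guest login, a differential query without the {0} timestamp placeholder, and full/differential queries whose clauses disagree. The sample file, host, domain and finding names are constructed, and only the URL scheme is checked for transport security.

```python
import re

# Constructed sample in the style of the files in this thread (placeholder host
# and domain; the "dc=tset" typo in personQuery is deliberate).
SAMPLE = r"""
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.provider.url=ldap://dc.example.test:389
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf=cn=Staff,dc=example,dc=tset))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf=cn=Staff,dc=example,dc=test))
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(whenChanged<\={0})))
"""

def parse_properties(text):
    """Minimal .properties reader: key=value, #/! comments, backslash escapes.
    Line continuations and ':' separators are not handled."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = re.sub(r"\\(.)", r"\1", value.strip())
    return props

def leaf_clauses(ldap_filter):
    """Return the innermost (attr=value) components of an LDAP filter."""
    return re.findall(r"\([^()&|!][^()]*\)", ldap_filter)

def lint(props):
    findings = []
    sync = "ldap.synchronization."
    url = props.get("ldap.authentication.java.naming.provider.url", "")
    mech = props.get(sync + "java.naming.security.authentication", "")
    if url.lower().startswith("ldap://") and mech == "simple":
        # Simple bind without TLS puts the sync account's password on the wire.
        findings.append("cleartext-simple-bind")
    if props.get("ldap.authentication.allowGuestLogin", "").lower() == "true":
        findings.append("guest-login-enabled")
    for kind in ("person", "group"):
        full = props.get(sync + kind + "Query", "")
        diff = props.get(sync + kind + "DifferentialQuery", "")
        if "{0}" not in diff:
            findings.append(kind + "-differential-has-no-timestamp")
        if any(c not in diff for c in leaf_clauses(full)):
            findings.append(kind + "-full-and-differential-disagree")
    return findings

if __name__ == "__main__":
    for finding in lint(parse_properties(SAMPLE)):
        print(finding)
```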