Hyland Connect

peltuinum · ‎07-09-2007

Installled V. 2.1 Comm. Ed.   under Linux RedHat Ent.Ed. v .3 - JBoss 4.0.2 - Oracle 10.1.2.
Configured successfully NTLM authentication in order to login to Alfresco using Active Directory credentials, following 'Configuring NTLM' Wiki. CIFS works as well with AD credentials.
But local users , like 'admin' , are no longer authenticated, no errors in JBoss 'server.log'.
Creating 'custom-authority-services-context.xml', according to 'Enabling NTLM users' paragraph in NTLM Wiki, gives no benefit.

this is my 'ntlm-authentication-contect.xml':

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <bean id="authenticationDao" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />

    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="useLocalServer">
            <value>false</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionComponent" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
        <property name="servers">
            <value><AD server></value>
        </property>
</bean>
</beans>

this is my 'custom-authority-services-context.xml':

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
    <bean id="authorityService" class="org.alfresco.repo.security.authority.AuthorityServiceImpl">
        <property name="authenticationComponent">
            <ref bean="authenticationComponent" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="authorityDAO">
            <ref bean="authorityDAO" />
        </property>
        <property name="permissionServiceSPI">
            <ref bean="permissionServiceImpl" />
        </property>
        <property name="adminUsers">
            <set>
                        <value>911251</value> <!– add an NTLM user as an Administrator –>
                        <value>admin</value>
                        <value>administrator</value>
                </set>
        </property>
      </bean>
</beans>

___________________________

Any help welcome

andy · ‎07-20-2007

Hi

With NTLM authentication you just get the users it defines. If you wnat those in alfresco too you will have to set up chaining. However, chaning authentication does not support CIFS.

I suggest you give one of your NTLM users admin rights.

Andy

douglasheld · ‎07-23-2007

Andy, do you mean Windows local administrator rights?

dozyarmadillo · ‎07-23-2007

I think that he means you should specify one or more of your AD users as an admin in the following part of custom-authority-services-context.xml:

<property name="adminUsers">
<set>
<value>911251</value> <!– add an NTLM user as an Administrator –>
<value>admin</value>
<value>administrator</value>
</set>
</property>

andy · ‎07-24-2007

Hi

Yes, that is what I mean.

Andy

peltuinum · ‎07-26-2007

In fact,
the AD user that is declared in 'custom-authority-services-context.xml' sees all users' folders under CIFS, while the other AD users only see their own folders.

Thank you Andy for your clarification.

Hyland Connect

local user not authenticated in NTLM