* BTW - sorry for necroposting, this is BS though if the user community is still having the same problem for a year and a half 
alfresco-3.4.d
CentOS 5.5, x86
OK all - here's the MAIN PROBLEM with anything open source especially if you can run it on multiple platforms…documentation = crap. Even your attempt although 'helpful' in a small sense is not 'complete'. For idiots like me you need to s-p-e-l-l things out literally.
For example:
It seems that I do in fact have a full path of:
/opt/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad/ldap-authentications.properties
* Why are there files here and what do they do? They don't seem to be the SAME files anyway, yours has the word 'context' in them? Mine do not.
I also have files here which match what the post has above:
/opt/alfresco-3.4.d/tomcat/shared/classes/alfresco/extension
* Here I have a lot of '*.xml.sample' files, the * meaning anything from customModel.xml.sample to web-scripts-config-custom.xml.sample, etc, etc
I suspect that I need to tweak /opt/alf…/tomcat/shard/classes/alfresco/extension and throw all the files you're talking about in there but they don't exist so I created them. When creating them and tweaking for my Windows Active Directory environment I restart Alfresco (on CentOS: /etc/init.d/alfresco restart) and I try to hit the logon portal http://myserver:8080/alfresco and it gives me a 404 error not found until I whack my xml files (by whack I mean delete or rename .old or _old).
So the whole 'tutorial' in my view is incomplete and flat doesn't work. Is this a Windows tutorial? I suspect it is but it's hard to tell.
The wiki as people here have mentioned is lacking.
All I want to do is setup Active Directory authentication but Alfresco is seriously lacking documentation and a web gui. WTF? Someone told me that Alfresco is an 'enterprise' product, I'm laughing and crying at the same time because I've now wasted weeks (as have others) on what seems to be something just above crapware.
I may sound harsh but I'm just frustrated and annoyed at this point. So much in fact I'm writing this post which I usually use as a 'last resort', after that I need to take my frustrations out on the neighbor dog who barks far too much
Anyway - WTF? Isn't there a clear freaking tutorial on how to get AD Authentication kickin? WTF? Doesn't Alfresco have a web gui to configure the damn thing? Instead you have to muddle around with xml and .properties files?
I'm tired of trying to reverse engineer this thing. It might take me several months to figure it all out which is why I hope someone can point me to an 'authoritative' how to. All I know is I'm not the ONLY one who's looking for this, I'm not the ONLY one who's wasted precious life and I'm not the ONLY one who's irritated beyond belief
Love,
Truly pissed, annoyed and frustrated 🙂
alfresco-3.4.d
CentOS 5.5, x86
OK all - here's the MAIN PROBLEM with anything open source especially if you can run it on multiple platforms…documentation = crap. Even your attempt although 'helpful' in a small sense is not 'complete'. For idiots like me you need to s-p-e-l-l things out literally.
For example:
For you AD you will have no problem if you configure well :
$Alfresco_Home\Tocamt\shared\classes\alfresco\extension\ldap-authentication-context.properties (For authentication)
$Alfresco_Home\Tocamt\shared\classes\alfresco\extension\ldap-synchronization-context.properties (To synchronize groups and user from AD)
$Alfresco_Home\Tocamt\shared\classes\alfresco\extension\chaining-authentication-context.properties (to get both alfresco users and ldap users in the same time)
With OpenLdap you will loose you CIFS ( incompatibility between two encryptions MD5 in openldap and MD4 for cifs ) .
Add this lines to :
$Alfresco_Home\Tocamt\webapps\alfresco\web-inf\classes\log4J.properties
It seems that I do in fact have a full path of:
/opt/alfresco-3.4.d/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad/ldap-authentications.properties
* Why are there files here and what do they do? They don't seem to be the SAME files anyway, yours has the word 'context' in them? Mine do not.
I also have files here which match what the post has above:
/opt/alfresco-3.4.d/tomcat/shared/classes/alfresco/extension
* Here I have a lot of '*.xml.sample' files, the * meaning anything from customModel.xml.sample to web-scripts-config-custom.xml.sample, etc, etc
I suspect that I need to tweak /opt/alf…/tomcat/shard/classes/alfresco/extension and throw all the files you're talking about in there but they don't exist so I created them. When creating them and tweaking for my Windows Active Directory environment I restart Alfresco (on CentOS: /etc/init.d/alfresco restart) and I try to hit the logon portal http://myserver:8080/alfresco and it gives me a 404 error not found until I whack my xml files (by whack I mean delete or rename .old or _old).
So the whole 'tutorial' in my view is incomplete and flat doesn't work. Is this a Windows tutorial? I suspect it is but it's hard to tell.
The wiki as people here have mentioned is lacking.
All I want to do is setup Active Directory authentication but Alfresco is seriously lacking documentation and a web gui. WTF? Someone told me that Alfresco is an 'enterprise' product, I'm laughing and crying at the same time because I've now wasted weeks (as have others) on what seems to be something just above crapware.
I may sound harsh but I'm just frustrated and annoyed at this point. So much in fact I'm writing this post which I usually use as a 'last resort', after that I need to take my frustrations out on the neighbor dog who barks far too much
Anyway - WTF? Isn't there a clear freaking tutorial on how to get AD Authentication kickin? WTF? Doesn't Alfresco have a web gui to configure the damn thing? Instead you have to muddle around with xml and .properties files?
I'm tired of trying to reverse engineer this thing. It might take me several months to figure it all out which is why I hope someone can point me to an 'authoritative' how to. All I know is I'm not the ONLY one who's looking for this, I'm not the ONLY one who's wasted precious life and I'm not the ONLY one who's irritated beyond belief
Love,
Truly pissed, annoyed and frustrated 🙂
Hi @ all,
i am quite new with Alfresco and i am trying to get LDAP authentication running with Alfresco Community 4.
I followed this Link here
http://www.ochounos.com/#blog/6
Can anyone look over it and tell me if there is something else i have to do ? Ist the Step by Step complete on that Link ?
Or does somebody have a better way or a Step by step INstruction that works !!!
Here my settings in the LDAP File settings in Alfresco:
ldap.authentication.active=true
synchronization.syncWhenMissingPeopleLogIn=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=uid=%s,ou=Users,dc=mycompany.co.at,dc=at
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://ldap-server.local:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=uid\=administrator,ou\=mycompany.co.at,dc\=mycompany.co.at,dc\=at
ldap.synchronization.java.naming.security.credentials=Password
ldap.synchronization.queryBatchSize=0
ldap.synchronization.attributeBatchSize=0
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou\=Groups,dc\=mycompany.co.at,dc\=at
ldap.synchronization.userSearchBase=ou\=Users,dc\=mycompany.co.at,dc\=at
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=description
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
–> Is there something missing ????? :shock:
I get this following Error messages in the Tomcat Log:
2012-10-24 14:49:37,159 ERROR [extensions.webscripts.AbstractRuntime] [http-8080-11] Exception from executeScript - redirecting to status template error: 09240004 Login failed
org.springframework.extensions.webscripts.WebScriptException: 09240004 Login failed
at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)
at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)
at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235)
at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)
at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388)
at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462)
at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500)
at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:275)
at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372)
at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209)
at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:861)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:579)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1584)
at java.lang.Thread.run(Thread.java:662)
Plz can somebody help me i am trying on that since weeks.
ops: ops: ops:
THX in advance !!
i am quite new with Alfresco and i am trying to get LDAP authentication running with Alfresco Community 4.
I followed this Link here
http://www.ochounos.com/#blog/6
Can anyone look over it and tell me if there is something else i have to do ? Ist the Step by Step complete on that Link ?
Or does somebody have a better way or a Step by step INstruction that works !!!
Here my settings in the LDAP File settings in Alfresco:
ldap.authentication.active=true
synchronization.syncWhenMissingPeopleLogIn=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=uid=%s,ou=Users,dc=mycompany.co.at,dc=at
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://ldap-server.local:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=uid\=administrator,ou\=mycompany.co.at,dc\=mycompany.co.at,dc\=at
ldap.synchronization.java.naming.security.credentials=Password
ldap.synchronization.queryBatchSize=0
ldap.synchronization.attributeBatchSize=0
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou\=Groups,dc\=mycompany.co.at,dc\=at
ldap.synchronization.userSearchBase=ou\=Users,dc\=mycompany.co.at,dc\=at
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=description
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
–> Is there something missing ????? :shock:
I get this following Error messages in the Tomcat Log:
2012-10-24 14:49:37,159 ERROR [extensions.webscripts.AbstractRuntime] [http-8080-11] Exception from executeScript - redirecting to status template error: 09240004 Login failed
org.springframework.extensions.webscripts.WebScriptException: 09240004 Login failed
at org.alfresco.repo.web.scripts.bean.AbstractLoginBean.login(AbstractLoginBean.java:75)
at org.alfresco.repo.web.scripts.bean.LoginPost.executeImpl(LoginPost.java:73)
at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235)
at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)
at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:393)
at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:388)
at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:462)
at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:500)
at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:275)
at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:372)
at org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209)
at org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:118)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:58)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:861)
at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:579)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1584)
at java.lang.Thread.run(Thread.java:662)
Plz can somebody help me i am trying on that since weeks.
ops: ops: ops:THX in advance !!
Hi Scouil,
you are right, its just i tried so much and reat a lot but still can not get it done.
I will go over this Thread from the begining and try again and give some Feedback if i get it done.
Thx. for getting a… kicked it woke me up
kr Hans
you are right, its just i tried so much and reat a lot but still can not get it done.
I will go over this Thread from the begining and try again and give some Feedback if i get it done.
Thx. for getting a… kicked it woke me up
kr Hans
