cancel
Showing results for 
Search instead for 
Did you mean: 

NTLM working except admin account?

carltonw
Champ in-the-making
Champ in-the-making
I'm running Labs 3C and got NTLM working using this wiki doc:
http://wiki.alfresco.com/wiki/3.0_Configuring_NTLM#NTLM_Passthru_Authentication

I'm able to get the accounts from AD to login thru the web UI, but I can't get the admin account to work so I setup the custom-authority-services-context.xml as suggested in the instructions, but after I copied the file into tomcat\shared\classes\alfresco\extension I wasn't able to pull up the web UI. I also noticed string of errors when tomcat loated on my Win2003 box.

Any suggestions? All I want to do is allow users to sign-on from AD to the web UI and have a seperate admin account setup in Alfresco for administration.
2 REPLIES 2

meansartin14
Champ in-the-making
Champ in-the-making
I'm running Labs 3C and got NTLM working using this wiki doc:
http://wiki.alfresco.com/wiki/3.0_Configuring_NTLM#NTLM_Passthru_Authentication

I'm able to get the accounts from AD to login thru the web UI, but I can't get the admin account to work so I setup the custom-authority-services-context.xml as suggested in the instructions, but after I copied the file into tomcat\shared\classes\alfresco\extension I wasn't able to pull up the web UI. I also noticed string of errors when tomcat loated on my Win2003 box.

Any suggestions? All I want to do is allow users to sign-on from AD to the web UI and have a seperate admin account setup in Alfresco for administration.

I could be wrong, but unless you a) have an account in AD called "admin" and b) are logged in on the client PC as "admin", I don't think you will be able to login via "admin" anymore, regardless of what you put in custom-authority-services-context.xml.

The way I got around this issue was use custom-authority-services-context.xml to set 1 or more existing AD user names to have admin privileges. This solved my problem.

carltonw
Champ in-the-making
Champ in-the-making
I was able to get around this by logging in as administrator (with local server credentials). How can I setup Contribute, Manage, etc… rights if the users are authenticating via NTLM on AD?