Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Hyland Connect
- Enterprise Platforms
- Alfresco
- Alfresco Archive
- OpenLDAP Authentication works but Sync doesn't wor...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
OpenLDAP Authentication works but Sync doesn't works.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2016 06:59 AM
Hi All,
I have configured OpenLDAP for Authentication as well as Synchronize user information purpose. Authentication through OpenLDAP works like a charm but Synchronization user details doesn't works. Below are my configurations:
<strong>(1) alfresco-global.properties:</strong>
<strong>(2) ldap-authentication.properties:</strong>
I have configured OpenLDAP for Authentication as well as Synchronize user information purpose. Authentication through OpenLDAP works like a charm but Synchronization user details doesn't works. Below are my configurations:
<strong>(1) alfresco-global.properties:</strong>
authentication.chain=ldap1:ldap
synchronization.synchronizeChangesOnly=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.syncOnStartup=true
<strong>(2) ldap-authentication.properties:</strong>
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://local-ldap.company.com:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=
ldap.authentication.authenticateFTP=true
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn\=Manager,dc\=company,dc\=com
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000
ldap.synchronization.groupQuery=(objectclass\=groupOfUniqueNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfUniqueNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=dc\=company,dc\=com
ldap.synchronization.userSearchBase=dc\=company,dc\=com
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=description
ldap.synchronization.groupType=groupOfUniqueNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=uniqueMember
ldap.synchronization.enableProgressEstimation=true
ldap.authentication.java.naming.read.timeout=0
Labels:
- Labels:
-
Archive
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-17-2016 06:58 AM
Hai sjoshi,
Just follow these properties it will work,
######AUTHENTIFICATION CHAIN####
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
######SUBSYSTEM AUTHENTIFICATION####
### SIMPLE AUTHENTIFICATION ###
ldap.authentication.java.naming.security.authentication=simple
#ldap.authentication.userNameFormat=uid=%s,ou=users,ou=system
#ldap.authentication.userNameFormat=CN=%s,ou=users,ou=system
ldap.authentication.userNameFormat=
ldap.authentication.active=true
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://localhost:10389
ldap.authentication.allowGuestLogin=true
#####################################
###### SUBSYSTEM SYNCHRONISATION ####
#####################################
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=uid=admin,ou=system
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(objectclass=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou=groups,ou=system
ldap.synchronization.userSearchBase=ou=users,ou=system
#ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
#ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.modifyTimestampAttributeName=whenChanged
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
################# ATTRIBUTE MAPPING #############
#### mapping to unique username in username attribute###
ldap.synchronization.userIdAttributeName=uid
#ldap.synchronization.userLastNameAttributeName=cn
#ldap.synchronization.userEmailAttributeName=mail
#ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.groupIdAttributeName=cn
#ldap.synchronization.groupType=
#ldap.synchronization.personType=
ldap.synchronization.groupMemberAttributeName=member
#ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.enableProgressEstimation=true
####################################
###### SYNCHRONISATION SETTINGS ####
####################################
synchronization.autoCreatePeopleOnLogin=false
#synchronization.import.group.clearAllChildren=true
# full sync or only changes?
synchronization.synchronizeChangesOnly=false
# to sync on each alfresco startup
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=false
### DONT USE UNIX CRON EXPRESSION- USE QUARTZ CRON EXPRESSIONS!!!
### look here http://www.quartz-scheduler.org/docs/tutorials/crontrigger.html
### synchronisation starts every 15 minutes!
synchronization.import.cron=0 0/5 * * * ?
Just follow these properties it will work,
######AUTHENTIFICATION CHAIN####
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
######SUBSYSTEM AUTHENTIFICATION####
### SIMPLE AUTHENTIFICATION ###
ldap.authentication.java.naming.security.authentication=simple
#ldap.authentication.userNameFormat=uid=%s,ou=users,ou=system
#ldap.authentication.userNameFormat=CN=%s,ou=users,ou=system
ldap.authentication.userNameFormat=
ldap.authentication.active=true
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://localhost:10389
ldap.authentication.allowGuestLogin=true
#####################################
###### SUBSYSTEM SYNCHRONISATION ####
#####################################
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=uid=admin,ou=system
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(objectclass=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou=groups,ou=system
ldap.synchronization.userSearchBase=ou=users,ou=system
#ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
#ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.modifyTimestampAttributeName=whenChanged
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
################# ATTRIBUTE MAPPING #############
#### mapping to unique username in username attribute###
ldap.synchronization.userIdAttributeName=uid
#ldap.synchronization.userLastNameAttributeName=cn
#ldap.synchronization.userEmailAttributeName=mail
#ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.groupIdAttributeName=cn
#ldap.synchronization.groupType=
#ldap.synchronization.personType=
ldap.synchronization.groupMemberAttributeName=member
#ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.enableProgressEstimation=true
####################################
###### SYNCHRONISATION SETTINGS ####
####################################
synchronization.autoCreatePeopleOnLogin=false
#synchronization.import.group.clearAllChildren=true
# full sync or only changes?
synchronization.synchronizeChangesOnly=false
# to sync on each alfresco startup
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=false
### DONT USE UNIX CRON EXPRESSION- USE QUARTZ CRON EXPRESSIONS!!!
### look here http://www.quartz-scheduler.org/docs/tutorials/crontrigger.html
### synchronisation starts every 15 minutes!
synchronization.import.cron=0 0/5 * * * ?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-17-2016 07:02 AM
add these properties in alfresco.global.properties and Check your port numbers everything run the server it will work.
Related Content
- ACS 6.2 authentication using OpenLDAP in Alfresco Forum
- cant login to alfresco in Alfresco Forum
- How to Switch from LDAP to Active DIrectory for Authentication in Alfresco Forum
- Alfresco 6.2 - Showing the basic auth dialog when accessing to /alfresco/api in Alfresco Forum
- Users cant authenticate after LDAP synchronization in Alfresco Forum
Getting started
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.
