
Problem with OpenLDAP Sync and Alfresco Community 5.0.c

bbaale
Champ in-the-making
I am having difficulty integrating OpenLDAP with Alfresco Community 5.0.c. My configurations work for Community 4.2.e.


<blockcode>

19:12:16,486 WARN  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [localhost-startStop-1] Synchronization,Category=directory,id1=ldap1,id2=6 User Creation and Association: Failed to process entry "uid=wkatumba,dc=parliament,dc=go,dc=ug".
org.springframework.dao.ConcurrencyFailureException: Forcing batch retry for unknown authority; nested exception is org.alfresco.repo.security.authority.UnknownAuthorityException: 01052159 An authority was not found for GROUP_CommPhysical
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.maintainAssociationCreations(ChainingUserRegistrySynchronizer.java:1674)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$1300(ChainingUserRegistrySynchronizer.java:978)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1PersonWorker.process(ChainingUserRegistrySynchronizer.java:1817)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1PersonWorker.process(ChainingUserRegistrySynchronizer.java:1724)
        at org.alfresco.repo.batch.BatchProcessor$TxnCallback.execute(BatchProcessor.java:712)
        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:454)
        at org.alfresco.repo.batch.BatchProcessor$TxnCallback.run(BatchProcessor.java:756)
        at org.alfresco.repo.batch.BatchProcessor.process(BatchProcessor.java:398)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1832)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:713)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:436)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$7.doWork(ChainingUserRegistrySynchronizer.java:2052)
        at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:548)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:2046)
        at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
        at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onApplicationEvent(ChainingUserRegistrySynchronizer.java:2409)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
        at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ChildApplicationContext.publishEvent(ChildApplicationContextFactory.java:554)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:911)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:428)
        at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:809)
        at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:991)
        at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:530)
        at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEventInternal(SafeApplicationEventMulticaster.java:209)
        at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:180)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:303)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:911)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:428)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:276)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:197)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
        at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4973)
        at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5467)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:632)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1073)
        at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1857)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
        at java.util.concurrent.FutureTask.run(FutureTask.java:262)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.alfresco.repo.security.authority.UnknownAuthorityException: 01052159 An authority was not found for GROUP_CommPhysical
        at org.alfresco.repo.security.authority.AuthorityDAOImpl.addAuthority(AuthorityDAOImpl.java:329)
</blockcode>
1 REPLY

ellequ
Champ in-the-making
Hi,
I have the same problem. I can split the problem into 3 steps.
1) Some tutorials say to do this:
<blockcode>
$ mkdir -p {ALFRESCO_HOME}/shared/classes/alfresco/extension/subsystems/Authentication/ldap/myldap
$ cd {ALFRESCO_HOME}/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/
$ cp ./ldap/*.properties {ALFRESCO_HOME}/shared/classes/alfresco/extension/subsystems/Authentication/ldap/myldap
</blockcode>

But this is impossible because I can't find the ldap subfolder with the sample files in my 5.0.c release.

2) So I added the configuration in alfresco-global.properties and I see that it works. On startup I see in the log that groups and users are found but not imported, and so LDAP users can't log in.

This is the configuration:
<blockcode>
authentication.chain=alfinst:alfrescoNtlm,ldap:ldap-ad

synchronization.sinchronyzeChangesOnly=false
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.syncOnStartup=true
synchronization.import.cron=0 0 18 * * ?


ntlm.authentication.sso.enabled=false

ldap.authentication.active=true

ldap.synchronization.active=true

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=uid=%s,dc=example,dc=com

ldap.authentication.java.naming.provider.url=ldap://localhost:10389
ldap.authentication.defaultAdministratorUserNames=Administrator,amministrazione
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=uid=test,ou=system
ldap.synchronization.java.naming.security.credentials=test

ldap.synchronization.groupSearchBase=dc=example,dc=com
ldap.synchronization.userSearchBase=dc=example,dc=com

ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
#ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider

ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=description
ldap.synchronization.groupType=groupOfUniqueNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=uniqueMember

</blockcode>

With this configuration, on Alfresco startup I see that some groups and users are found but not imported.

So I added this configuration:
<blockcode>

ldap.synchronization.groupQuery=(objectclass=groupOfUniqueNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=groupOfUniqueNames)(!(modifyTimestamp<={0})))

ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass=inetOrgPerson)(!(modifyTimestamp<={0})))
</blockcode>

After I added this configuration option, Alfresco startup stops and I see this message in the LDAP server:
<blockquote>
Diagnostic message : 'INVALID_CREDENTIALS: Bind failed: ERR_268 Cannot find a partition for cn=daftAsABrush,dc=woof
</blockquote>

3) last change: authentication.chain from
authentication.chain=alfinst:alfrescoNtlm,ldap:<strong>ldap-ad</strong>
to
authentication.chain=alfinst:alfrescoNtlm,ldap:<strong>ldap</strong>

because I'm using an ApacheDS server as the LDAP server,

and now I don't have any message in Alfresco startup about users and groups, and I also can't log in.

I hope someone can help me.

Best regards
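
An added example, not part of the original posts and not Alfresco code: a small Python check run over a constructed subset of the properties posted above. It flags `synchronization.*` keys that do not match the names Alfresco reads (the posted `sinchronyzeChangesOnly` differs from `synchronizeChangesOnly`), a simple bind over plain `ldap://`, and a `userNameFormat` DN that falls outside `userSearchBase`; the function names and finding labels are hypothetical.

```python
import difflib

# synchronization.* keys from the post; the first is in Alfresco's own spelling.
KNOWN_SYNC_KEYS = {
    "synchronization.synchronizeChangesOnly",
    "synchronization.syncWhenMissingPeopleLogIn",
    "synchronization.syncOnStartup",
    "synchronization.import.cron",
}

# Constructed sample: a subset of the properties posted above.
SAMPLE = """\
synchronization.sinchronyzeChangesOnly=false
ldap.authentication.userNameFormat=uid=%s,dc=example,dc=com
ldap.authentication.java.naming.provider.url=ldap://localhost:10389
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.credentials=test
ldap.synchronization.userSearchBase=dc=example,dc=com
"""

def parse_properties(text):
    """Parse key=value lines, splitting on the first '=' only (DNs contain '=')."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def audit(props):
    """Return (label, value, hint) findings; the labels are hypothetical."""
    findings = []
    for key in props:  # unrecognised synchronization.* key, with nearest known name
        if key.startswith("synchronization.") and key not in KNOWN_SYNC_KEYS:
            guess = difflib.get_close_matches(key, KNOWN_SYNC_KEYS, n=1)
            findings.append(("unknown-key", key, guess[0] if guess else None))
    url = props.get("ldap.authentication.java.naming.provider.url", "")
    auth = props.get("ldap.synchronization.java.naming.security.authentication")
    if url.lower().startswith("ldap://") and auth == "simple":
        # simple bind on an unencrypted connection exposes the bind password
        findings.append(("cleartext-bind", url, "use ldaps://"))
    fmt = props.get("ldap.authentication.userNameFormat", "")
    base = props.get("ldap.synchronization.userSearchBase", "")
    norm = lambda dn: dn.replace(" ", "").lower()
    if "," in fmt and base and not norm(fmt).endswith(norm(base)):
        # login DNs would be built outside the subtree that sync imports from
        findings.append(("dn-mismatch", fmt, base))
    return findings
```

Calling `audit(parse_properties(SAMPLE))` returns the findings as a list of tuples; the DN comparison is a string-suffix heuristic, not a full DN parser.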