cancel
Showing results for 
Search instead for 
Did you mean: 

Share 3.3 no sites listed in my sites

jimmykirk
Champ in-the-making
Champ in-the-making
I recently installed 3.3

Everything seems okay, but it seems like almost daily that my user, nobody else, gets kicked out of all the groups I'm in.

For instance, I login and have nothing in "My Sites". If I search in the sites search area, I see the option to "Leave" one I should be a member of.

Anyone else had this issue?

Notes: I am using LDAP authentication and the my user was designated as the Admin in the ldap config. I recently changed it to a dedicated Alfresco Admin user…
2 REPLIES 2

jimmykirk
Champ in-the-making
Champ in-the-making
It's done it again. It seems like it purges my joined sites daily.

This is from the log yesterday, and seems odd to me:

10:14:31,161 WARN  [org.alfresco.repo.usage.ContentUsageImpl] User usage (jimmy) is negative (-5468557) overriding to 010:14:31,194 WARN  [org.alfresco.repo.usage.ContentUsageImpl] User usage (jimmy) is negative (-5871645) overriding to 010:14:31,210 WARN  [org.alfresco.repo.usage.ContentUsageImpl] User usage (jimmy) is negative (-5881629) overriding to 010:14:31,240 WARN  [org.alfresco.repo.usage.ContentUsageImpl] User usage (jimmy) is negative (-5883742) overriding to 010:14:31,256 WARN  [org.alfresco.repo.usage.ContentUsageImpl] User usage (jimmy) is negative (-6021673) overriding to 0‍‍‍‍‍‍‍

This is the LDAP sync log from today:

00:00:00,082 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'00:00:00,082 WARN  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Full synchronization with user registry 'ldap1'; some users and groups previously created by synchronization with this us$00:00:00,082 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'00:00:00,096 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Commencing batch of 2 entries00:00:00,487 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Processed 2 entries out of 2. 100% complete. Rate: 5 per second. 0 failures detected.00:00:00,487 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Completed batch of 2 entries00:00:00,505 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Creation and Association: Commencing batch of 2 entries00:00:00,506 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Creation and Association: Processed 2 entries out of 2. 100% complete. Rate: 2000 per second. 0 failures dete$00:00:00,506 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Creation and Association: Completed batch of 2 entries00:00:00,506 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all users from user registry 'ldap1'00:00:00,514 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Commencing batch of 24 entries00:00:02,127 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Processed 24 entries out of 24. 100% complete. Rate: 14 per second. 0 failures detec$00:00:02,127 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Completed batch of 24 entries00:00:02,238 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Authority Deletion: Commencing batch of 1 entries00:00:02,442 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Authority Deletion: Processed 1 entries out of 1. 100% complete. Rate: 4 per second. 0 failures detected.00:00:02,442 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Authority Deletion: Completed batch of 1 entries00:00:02,442 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap1'00:00:02,442 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] 25 user(s) and 2 group(s) processed09:50:27,213 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'09:50:27,215 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving groups changed since May 3, 2010 11:41:35 AM from user registry 'ldap1'09:50:27,225 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Commencing batch of 0 entries09:50:27,226 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Completed batch of 0 entries09:50:27,226 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving users changed since May 12, 2010 11:47:13 PM from user registry 'ldap1'09:50:27,239 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Commencing batch of 2 entries09:50:27,308 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Processed 2 entries out of 2. 100% complete. Rate: 28 per second. 0 failures detecte$09:50:27,308 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Completed batch of 2 entries09:50:27,310 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap1'09:50:27,310 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] 2 user(s) and 0 group(s) processed‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Is there any way I can find out which two users it's "resynching"? it seems like it's removing my account and adding it back each sync.

Here is my ldap config in alfresco-global.properties:

#ldap info!authentication.chain=ldap1:ldapldap.authentication.active=trueldap.authentication.java.naming.security.authentication=simpleldap.authentication.allowguestLogin=falseldap.authentication.userNameFormat=uid=%s,ou=people,dc=domain,dc=comldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactoryldap.authentication.java.naming.provider.url=ldap://10.0.0.109:389ldap.authentication.java.naming.security.authentication=simpleldap.authentication.escapeCommasInBind=falseldap.authentication.escapeCommasInUid=falseldap.authentication.defaultAdministratorUserNames=alfrescoadminldap.synchronization.active=trueldap.synchronization.queryBatchSize=1000ldap.synchronization.java.naming.security.principal=uid=zimbra,cn=admins,cn=zimbraldap.synchronization.java.naming.security.credentials=<password>ldap.synchronization.modifyTimestampAttributeName=modifyTimestampldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'ldap.synchronization.userSearchBase=dc=domain,dc=comldap.synchronization.userIdAttributeName=uidldap.synchronization.userFirstNameAttributeName=givenNameldap.synchronization.userLastNameAttributeName=snldap.synchronization.userEmailAttributeName=mailldap.synchronization.userOrganizationalIdAttributeName=companyldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider#ldap.synchronization.personQuery=(&(objectClass=organizationalPerson)(zimbraMailStatus=enabled))ldap.synchronization.personQuery=(&(&(objectClass=organizationalPerson)(zimbraMailStatus=enabled)(gidNumber=20001)))ldap.synchronization.personDifferentialQuery=(&(objectClass=organizationalPerson)(zimbraMailStatus=enabled)(!(modifyTimestamp<={0})))ldap.synchronization.personType=organizationalPersonldap.synchronization.groupSearchBase=dc=domain,dc=comldap.synchronization.groupQuery=(&(objectclass=zimbraDistributionList)(zimbraMailStatus=enabled))ldap.synchronization.groupDifferentialQuery=(&(objectclass=zimbraDistributionList)(zimbraMailStatus=enabled)(!(modifyTimestamp<={0})))ldap.synchronization.groupIdAttributeName=cnldap.synchronization.groupType=zimbraDistributionListldap.synchronization.groupMemberAttributeName=zimbraMailForwardingAddresssynchronization.synchronizeChangesOnly=falsesynchronization.syncOnStartup=truesynchronization.syncWhenMissingPeopleLogIn=truesynchronization.autoCreatePeopleOnLogin=true# every 5 minutesldap.synchronization.import.cron=5 * * * *‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Could it be that I need synchronizeChanges only to be true? I'm going crazy over here losing my sites daily…

jimmykirk
Champ in-the-making
Champ in-the-making
Little more digging and I found it.

It was an uh-oh by me.

We have some accounts we don't want in Alfresco or on our Samba shares.

We are using Zimbra with the POSIX/SAMBA integration. I have some people not on SAMBA/Alfresco with a posixGID of 20002(Dummy Account). I had forgotten that my account was setup with PosixGID of 20004(Domain Admins), as we authenticate our Windows machines with our SAMBA PDC. So, I have appended the ldap.PersonQuery to include that group, along with our PosixGID of 20001(Everybody).

The new person query used to resolve this is below

(&(&(objectClass=organizationalPerson)(zimbraMailStatus=enabled)(|(gidNumber=20001)(gidNumber=20004))))‍

I still have one other account showing up as being changed, but I don't have any users complaining about this. Is there a more verbose output to the log that I could use to see which users it's adding?