I am using Alfresco 3.3 I would love to use SSO with NTLM v2 for authentication. From the documentation:
This basic use of NTLM requires Alfresco to store its own copies of your MD4 password hash, which means your user ID and password must be the same in both Alfresco and your Windows domain.
I have turned on LDAP-AD synchronization which imported all my users, but…it didn't import the passwords (nor am I sure that it can).
So, my question is this, can I sync the alfresco and LDAP password so I can use NTLM to authenticate SSO and LDAP to sync?
Authentication and synchronization are treated as two separate things. So, you should set up ntlm passthru authentication to the windows domain server, but use LDAP sync to import users and groups.
Alas, Kerberos is not available for us. We technically could invest the time and money to set it all up, but if there was a way to sync the LDAP passwords with alfresco's internal storage then we wouldn't have to.
As of now we have the authentication happening against the Active Directory LDAP system, but the SSO isn't possible since Alfresco doesn't know about the user's passwords. As much as I like Alfresco, I'm worried that this is going to be a deal killer for using it.
