cancel
Showing results for 
Search instead for 
Did you mean: 

alfresco and ldap configuration

fatma19
Confirmed Champ
Confirmed Champ

I am currently configuring alfresco to use ldap server for authentication. I followed the offecial documentation and i updated alfresco-global.properties file but it dosen't work. i am using alfresco 5.2 and this is my alfresco-global.properties file and the ldap hiarchy.

###############################
## Common Alfresco Properties #
###############################

dir.root=C:/ALFRES~1/alf_data

alfresco.context=alfresco
alfresco.host=127.0.0.1
alfresco.port=8080
alfresco.protocol=http

share.context=share
share.host=127.0.0.1
share.port=8080
share.protocol=http

### database connection properties ###
db.driver=org.postgresql.Driver
db.username=alfresco
db.password=admin
db.name=alfresco
db.url=jdbcSmiley Tongueostgresql://localhost:5432/${db.name}
# Note: your database must also be able to accept at least this many connections. Please see your database documentation for instructions on how to configure this.
db.pool.max=275
db.pool.validate.query=SELECT 1

# The server mode. Set value here
# UNKNOWN | TEST | BACKUP | PRODUCTION
system.serverMode=UNKNOWN

### FTP Server Configuration ###
ftp.port=21

### RMI registry port for JMX ###
alfresco.rmi.services.port=50500

### External executable locations ###
ooo.exe=C:/ALFRES~1/LIBREO~1/App/libreoffice/program/soffice.exe
ooo.enabled=true
ooo.port=8100
img.root=C:\\alfresco-community\\imagemagick
img.coders=${img.root}\\modules\\coders
img.config=${img.root}
img.gslib=${img.root}\\lib
img.exe=${img.root}\\convert.exe

jodconverter.enabled=false
jodconverter.officeHome=C:/ALFRES~1/LIBREO~1/App/libreoffice
jodconverter.portNumbers=8100

### Initial admin password ###
alfresco_user_store.adminpassword=209c6174da490caeb422f3fa5a7ae634

### E-mail site invitation setting ###
notification.email.siteinvite=false

### License location ###
dir.license.external=C:/ALFRES~1

### Solr indexing ###
index.subsystem.name=solr4
dir.keystore=${dir.root}/keystore
solr.host=localhost
solr.port.ssl=8443

### Allow extended ResultSet processing
security.anyDenyDenies=false

### Smart Folders Config Properties ###
smart.folders.enabled=false

### Remote JMX (Default: disabled) ###
alfresco.jmx.connector.enabled=false


### Remote JMX (Default: disabled) ###
alfresco.jmx.connector.enabled=false


authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap

ntlm.authentication.sso.enabled=false

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s
ldap.authentication.java.naming.provider.url=ldap://localhost:10389
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
ldap.synchronization.java.naming.security.principal=admin
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupSearchBase=ou=groups,o=mojo
ldap.synchronization.userSearchBase=ou=users,o=mojo

13 REPLIES 13

mehe
Elite Collaborator
Elite Collaborator

Your properties file is hard to read 🙂 and some of the ldap configuration seems to be cut off at the end

fatma19
Confirmed Champ
Confirmed Champ

you can find the post here 

alfresco and ldap configuration - Stack Overflow 

updated 

mehe
Elite Collaborator
Elite Collaborator

ahhh better Smiley Happy

ldap.authentication.userNameFormat=

would be default for LDAP ( Ian Wright )

And you should set your ldap.synchronization.userIdAttributeName (not visible on your tree screenshot)

I usally also define the queries in global properties, for example like:

ldap.synchronization.groupQuery=(objectClass=group)

ldap.synchronisation.personQuery=(objectClass=user)

or on posix:

ldap.synchronisation.personQuery=(objectclass=posixAccount)

ldap.synchronisation.groupQuery=(objectclass=posixGroup)

and the differential queries. But you need know how your classes are named.

fatma19
Confirmed Champ
Confirmed Champ

could you please give me your email ? 

mehe
Elite Collaborator
Elite Collaborator

I would prefer to discuss it in the community, so we'd have more content and problem solutions here.

fatma19
Confirmed Champ
Confirmed Champ

i did that but it always connect to the default users not ldap users 

michaelr93
Champ in-the-making
Champ in-the-making

I had a similar issue and I followed this site to get my ldap authentication working.

Alfresco 5.0 & LDAP Authentication | Geology FOSS Blog 

but it is using ldap-authentication file and i didn't found it in alfresco