05-23-2017 02:14 PM
Hi guys,
I'm facing some difficulties to configure the Alfresco Community 201704 with LDAP using the Apache Directory Studio. I read in some foruns a lot of different ways configure these two solutions, one for 201704 version and others for older versions of Alfresco.
I was in the topic alfresco - Ldap and alfresco 5.2 synchronization - Stack Overflow, but even doing the changes only for my server, still I hadn't success to use the users and passwords from Apache Directory Studio, that in another application is working well.
I pasted down below the code that I put in the file "alfresco-global.properties" in \Alfresco\tomcat\shared\classes\.
### LDAP connection ###
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad
ntlm.authentication.sso.enabled=false
ldap.synchronization.java.naming.security.authentication=simple
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=uid=%s,ou=users,ou=system
ldap.authentication.java.naming.provider.url=[MYDOMAIN]
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco, admin
ldap.synchronization.java.naming.security.principal=uid=admin,ou=system
ldap.synchronization.java.naming.security.credentials=[MYPASSWORD]
ldap.synchronization.active=true
#ldap.synchronization.groupQuery=(objectclass=groupOfNames)
#ldap.synchronization.groupDifferentialQuery=(&(objectclass=groupOfNames)(!(modifyTimestamp<\={0})))
#ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
#ldap.synchronization.personDifferentialQuery=(&(objectclass=inetOrgPerson)(!(modifyTimestamp<\={0})))
# Group
ldap.synchronization.groupSearchBase=ou=groups,ou=system
# User
ldap.synchronization.userSearchBase=ou=users,ou=system
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
# Sync
synchronization.synchronizeChangesOnly=false
synchronization.allowDeletions=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.syncOnStartup=true
synchronization.import.cron=0 */15 * * * ?
create.missing.people=false
So, if you have any idea what is happining I'll be glad to know your answer and help.
Thanks in advance.
Fábio
05-24-2017 12:57 AM
You can use the ldap browser/client apache directory studio to test your person and group queries.
In your properties, these are commented out - I suppose this is just by mistake.
To force a full sync on startup you could try to set your differential queries to the same value as the full queries (just for a test, reset it to the original value for normal use).
Is there any error in the alfresco.log or Catalina.out?
05-24-2017 09:26 AM
Hi Martin,
Please, check my answer down below.
Regards,
Fabio
05-24-2017 12:28 PM
Hi Fabio,
Installing in F:\Alfresco is fine - better then using c:\Program.... because alfresco put its data directory (alf_data) under the install-root in the default Installation.
If not already done: You should check your alfresco and tomcat logs for errors and the messages of the ldap-sync. Under Linux they are called alfresco.log (sometimes in the install root) and Catalina.out (install root/tomcat/logs) - don't know the filenames under Windows.
Did you use the alfresco installer?
05-24-2017 04:35 PM
Yes, Martin!
Now it worked. I restarted the server, and I commented only the line down below:
#ldap.synchronization.groupQuery=(objectclass=groupOfNames)
#ldap.synchronization.groupDifferentialQuery=(&(objectclass=groupOfNames)(!(modifyTimestamp<\={0})))
The other one is without comments, see:
ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass=inetOrgPerson)(!(modifyTimestamp<\={0})))
Thank for your support!
Fábio
05-24-2017 04:39 PM
Good to hear you got it working
05-24-2017 09:25 AM
Hi Martin,
These comments I put in my second try, in the first try they weren't there. But the result still is the same (see down below). I'm analysing the logs here. But anyway, I was wondering if the path that I installed both applications is not the reason of the problem. I didn't use the "C:\Program Files (x86)", but another directory like "F:\Alfresco\". In this case, possibly, I must do some changes in catalina.proporties or another file, right?
Thank you once more!
Fabio
Explore our Alfresco products with the links below. Use labels to filter content by product module.