Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Error while configuring LDAP for SSO

piyush48
Star Contributor
Star Contributor

‎03-16-2020 05:48 AM

Hi All,

I am getting errors while configuring LDAP with my SDK 3.0 after changing alfresco-global-properties file.

As i am new towards administrating Alfresco topic. I am following documentation example given. Please find the image of error occuring while running SDK 3.0.

image

Thanks,

Piyush

Labels:
0 Kudos
5 REPLIES 5

EddieMay
World-Class Innovator
World-Class Innovator

‎03-16-2020 07:21 AM

Hi @piyush48,

Take a look at this thread, it might be of help.

HTH

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
0 Kudos

piyush48
Star Contributor
Star Contributor
In response to EddieMay

‎03-17-2020 09:15 AM

Also Eddie i have done changes as posted in your thread. i have provided my alfresco-global properties file above please go through and suggest.

Thanks,

Piyush

0 Kudos

EddieMay
World-Class Innovator
World-Class Innovator
In response to piyush48

‎03-17-2020 11:52 AM

Hi @piyush48,

Looking at some of the values you are using, these are the default values - these need replacing with your equivalents. For example,  

ldap.authentication.userNameFormat=%s@alfresco.com

@alfresco.com should be replaced with your own domain.

Similarly,

ldap.authentication.java.naming.provider.url=ldap://alfresco.com:389
 
....

ldap.synchronization.java.naming.security.principal=administrator@alfresco.com

need changing - the 1st is looking to alfresco.com when it should be referring to the URL to connect to your own LDAP server.

This is probably the primary reason it says it's unable to connect to the LDAP server.

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
0 Kudos

narkuss
Star Contributor
Star Contributor

‎03-17-2020 02:41 AM

You are not effectively overriding default Alfresco ldap-ad properties, as the logs state it is trying to connect to ldap://domaincontroller.company.com:389, which is the default value for ldap.authentication.java.naming.provider.url, as you can see here: https://github.com/Alfresco/alfresco-repository/blob/3752edb6d69fe5ff4c47bbce4909193bd2db9a97/src/ma...

Check your ldap-ad configuration properties.

0 Kudos

piyush48
Star Contributor
Star Contributor
In response to narkuss

‎03-17-2020 09:12 AM

I have tried following the code presented on link you have share but still having error with connection of LDAP.

Please look at my alfresco-global.properties file

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=%s@alfresco.com
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://alfresco.com:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=administrator@alfresco.com
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000
synchronization.synchronizeChangesOnly=false
synchronization.allowDeletions=true
synchronization.syncWhenMissingPeopleLogIn=true

ldap.synchronization.groupQuery=objectclass\=group
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(ou=alfresco=alfresco,dc=com)(ou=alfresco,dc=alfresco,dc=com)))

ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(ou=alfresco,dc=alfresco,dc=com)(ou=alfresco,dc=alfresco,dc=com))(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=ou\=alfresco,dc\=alfresco,dc\=com

ldap.synchronization.userSearchBase=dc\=alfresco,dc\=com

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

Please suggest me changes to this file to solve error. imageimage

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2024 Khoros, LLC