
ldap configuration in alfresco 7.2 in docker

javico1
Confirmed Champ

Hello guys, please, I need to configure LDAP synchronization in Alfresco 7 with Docker, since the users authenticate to the LDAP from Alfresco but the groups and users are not synchronized.

3 REPLIES

abhinavmishra14
World-Class Innovator

Take a look at the following documentation thoroughly: https://docs.alfresco.com/content-services/latest/admin/auth-sync/#ldapconfprops

https://docs.alfresco.com/content-services/latest/admin/auth-sync/#example-authentication-and-synchr...

You will need to configure the auth chain and LDAP connection properties such as (Example):

-Dauthentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad
-Dldap.authentication.allowGuestLogin=false 
-Dldap.authentication.active=false
-Dldap.authentication.java.naming.referral=follow
-Dldap.authentication.defaultAdministratorUserNames=admin
-Dldap.synchronization.java.naming.security.principal="ldapuser"
-Dldap.synchronization.java.naming.security.credentials="ldappassword"
-Dldap.authentication.java.naming.provider.url="ldap://mycompany-ldap-server:389"

In the second step, you will need to configure the sync properties (Example). Adjust the queries per your org's needs:

-Dldap.synchronization.groupSearchBase=""
-Dldap.synchronization.userSearchBase=""
-Dldap.synchronization.personQuery="" 
-Dldap.synchronization.personDifferentialQuery="" 
-Dldap.synchronization.groupQuery=""
-Dldap.synchronization.groupDifferentialQuery=""

In the third step, decide how the sync should happen (Example):

-Dsynchronization.synchronizeChangesOnly=false
-Dsynchronization.syncOnStartup=true
~Abhinav
(ACSCE, AWS SAA, Azure Admin)

As I explained, I did the same thing, the users can be authenticated but it does not synchronize any example of a domain... in order to understand more, I am new to Alfresco.

abhinavmishra14
World-Class Innovator

There is no different config either. If users are not syncing, you need to see and fix the queries. That's the most common issue I have observed when the sync queries are set up wrong. Example is given here https://docs.alfresco.com/content-services/latest/admin/auth-sync/#example-authentication-and-synchr... but this varies per organization. I would also suggest you connect with your IT team who manage the LDAP server/IAMs.

-Dldap.synchronization.groupSearchBase=""
-Dldap.synchronization.userSearchBase=""
-Dldap.synchronization.personQuery="" 
-Dldap.synchronization.personDifferentialQuery="" 
-Dldap.synchronization.groupQuery=""
-Dldap.synchronization.groupDifferentialQuery=""
~Abhinav
(ACSCE, AWS SAA, Azure Admin)
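
The sync properties in the answers above are posted with empty "" placeholders, and the last reply names wrongly set up queries as the usual cause of a failed sync. The following is an added example, not code from the thread or from Alfresco: it lints a JAVA_OPTS string for those properties left empty, for filters with unbalanced parentheses, for an ldap:// provider URL and for a bind password passed as a -D option. The function names and the sample values are constructed for illustration.

```python
import shlex

S = "ldap.synchronization."
# Properties the thread posts with empty "" placeholders.
SEARCH_BASES = [S + "groupSearchBase", S + "userSearchBase"]
QUERIES = [S + q for q in ("personQuery", "personDifferentialQuery",
                           "groupQuery", "groupDifferentialQuery")]
URL = "ldap.authentication.java.naming.provider.url"
SECRET = S + "java.naming.security.credentials"

def parse_java_opts(java_opts):
    """Return {name: value} for each -Dname=value token in a JAVA_OPTS string."""
    props = {}
    for token in shlex.split(java_opts):
        if token.startswith("-D") and "=" in token:
            name, value = token[2:].split("=", 1)
            props[name] = value
    return props

def balanced(ldap_filter):
    """True if the filter starts with '(' and its parentheses pair up."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return ldap_filter.startswith("(") and depth == 0

def lint_ldap_sync(java_opts):
    """Return sorted (property, finding) pairs; unset properties are skipped."""
    props, findings = parse_java_opts(java_opts), []
    for name in (n for n in SEARCH_BASES + QUERIES if n in props):
        value = props[name].strip()
        if not value:
            findings.append((name, "left empty"))
        elif name in QUERIES and not balanced(value):
            findings.append((name, "malformed filter"))
    if props.get(URL, "").lower().startswith("ldap://"):
        findings.append((URL, "ldap:// scheme, not ldaps://"))
    if props.get(SECRET):
        findings.append((SECRET, "secret visible in process arguments"))
    return sorted(findings)

# Constructed sample modelled on the options posted in the thread.
SAMPLE = ('-Dldap.synchronization.groupSearchBase="" '
          '-Dldap.synchronization.personQuery="(&(objectclass=user)" '
          '-Dldap.synchronization.groupQuery="(objectclass=group)" '
          '-Dldap.synchronization.java.naming.security.credentials="ldappassword" '
          '-Dldap.authentication.java.naming.provider.url="ldap://mycompany-ldap-server:389"')
```

Calling `lint_ldap_sync(SAMPLE)` returns four findings; a property that is not overridden at all is not reported, because the subsystem default then applies.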