Hyland Connect

skushnerenko · ‎09-06-2017

Alfresco 5.2.0 (r133656-b12) is synchronized with Active Directory (ldap.synchronization.active=true)

We have problem, some person "marshall" succesfully authenticates via LDAP if person name is in lower case, but receives authentication error if person name is in upper case "MARSHALL" .

All other persons may authenticate to Alfresco with username in both upper and lower case.

I suppose, that Alfresco keeps two person names, one in lower case and one in upper case with different passwords.

But by no means I can query the othe person with name "MARSHALL", only "marshall".

I tried CMIS queries :

SELECT * FROM cmerson where cm:userName='MARSHALL'

SELECT * FROM cmerson where cm:userName='marshall'

and I tried database query:

SELECT p.*,n.* FROM alf_node AS n,
alf_node_properties AS p,
alf_qname AS q
WHERE n.type_qname_id=q.id AND q.local_name='person' and n.id=p.node_id and string_value='MARSHALL'

How can I retrieve and delete person 'MARSHALL'?

cesarista · ‎09-06-2017

Hi Sergey:

In Alfresco 5.2 there is a new security protection against brute force attacks on login, which is enabled by default.

Check this thread, for deactivating it, if it is deriving in a strange login behaviour (and if there are no truly brute force attacks).

https://community.alfresco.com/message/819493-re-some-ldap-users-cannot-login?commentID=819493#comme...

Regards.

--C.

View answer in original post

skushnerenko · ‎09-06-2017

After investigating alfresco.log, I have found that user MARSHALL was reported to have Brute force attack

2017-08-15 12:06:24,603 WARN [org.alfresco.repo.security.authentication.AuthenticationServiceImpl] [http-apr-8181-exec-4] Brute force attack was detected for user MA*******

May be the protection status somehow still exists on person MARSHALL ...

cesarista · ‎09-06-2017