Hyland Connect

raghunandangowd · ‎04-23-2018

Hi,

I've used the below code for the LDAP AD Integration. Problem which I'm facing is: I'm not able to login, it is showing "Unable to Connect" when I click on Login button. I mentioned the LDAP URL in the below code.

Please, tell where I'm supposed to change to make it right in my code. I didn't get this since I'm new to Alfresco and LDAP Integration.

And Please clear me about this LDAP authentication flow.

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=raghunandan.p@xyz.com
## ,ou\=people,dc\=xyz,dc\=com

ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url="ldap://xyzexchsvr.xyz.com:389"
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=true
ldap.authentication.escapeCommasInUid=true
ldap.authentication.defaultAdministratorUserNames=admin,raghunandan
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=raghunandan.p@xyz.com
### cn\=raghunandan,dc\=xyz,dc\=com
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000

ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))

ldap.synchronization.userSearchBase=ou\=people,dc\=xyz,dc\=com
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail

ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

ldap.synchronization.personType=inetOrgPerson

ldap.synchronization.enableProgressEstimation=true

And added the below two lines in alfresco-global.properties file

ntlm.authentication.sso.enabled=false
authentication.chain=alfinst:alfrescoNtlm,ldap-ad1:ldap-ad

salaboy · ‎04-24-2018

I'm not an expert on these topics but can you please specify which versions are you using? Are you using the community version?

raghunandangowd · ‎04-25-2018

Alfresco Community (Build: 201707)
===============================

Contains:
- Alfresco Platform: 5.2.g
- Alfresco Share: 5.2.f

salaboy · ‎04-25-2018

Yeah, you probably need Content and Share experts to answer that question.

raghunandangowd · ‎04-25-2018

Yes...

I stuck in this problem from past 20 days. Not getting proper solution. Very sad....

salaboy · ‎04-25-2018

Well this is a community forum, and I guess that the main problem is that the question is tagged incorrectly. I would recommend to close this question and ask a question about share and the content services with LDAP. I'm pretty sure that it is a very common question for those teams.

cesarista · ‎04-28-2018

Hi:

Try first with:

ldap.authentication.userNameFormat=%s@xyz.com
ldap.authentication.java.naming.provider.url=ldap://xyzexchsvr.xyz.com:389

In the second property I deleted the quotes "". This should enable you to auth.

After this you should check your ldap sync properties, because it seems that you are using a template for LDAP, and not for a LDAP AD.

Regards.

--C.

Hyland Connect

Not able to Login during LDAP AD Integration