06-04-2019 08:51 AM
Hi,
I need to set up LDAP authentication, but when I want my AD groups, I don't retrieve them; for users it's OK.
I think my problem is the space in my line; here it is:
ldap.synchronization.groupSearchBase=OU=Groupes d'accès,OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com
How can I replace this space?
Thanks a lot
06-05-2019 06:14 AM
Escape the space with a backslash?
06-05-2019 07:32 AM
Yes, I tried:
ldap.synchronization.groupSearchBase=OU=Groupes \d'accès,OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com
OR
ldap.synchronization.groupSearchBase=OU=Groupes\d'accès,OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com
06-05-2019 09:13 AM
escape character is a prefix notation. ' ' should be used as '\ '
06-05-2019 09:21 AM
So OU=Groupes\d'accès is good?
Could the ' in d'accès be a problem too?
06-11-2019 09:16 AM
No, it's not good. Did you try like this: ou=Groupes\ d'accès ?
06-11-2019 09:36 AM
Yes, I tried it and it didn't work.
I think " ' " and " è " block it too.
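The escaping variants discussed above, run through java.util.Properties (the standard Java .properties parser). This is an added example, not part of the thread and not Alfresco code. It assumes the file is saved as UTF-8; the class name is hypothetical, and the page does not say which charset Alfresco uses when it loads the file, so both standard load paths are shown.

```java
import java.io.ByteArrayInputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.Properties;

// Hypothetical class name; added example, not Alfresco code.
public class GroupSearchBaseCheck {
    static final String KEY = "ldap.synchronization.groupSearchBase";
    static final String TAIL = ",OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com";
    // The DN from the first post, with e-grave written as a Java source escape.
    static final String WANTED = "OU=Groupes d'acc\u00e8s" + TAIL;

    // First OU as typed in the file; "\\" here is one literal backslash in the file.
    static final String[] VARIANTS = {
        "OU=Groupes d'acc\u00e8s",    // unescaped space, raw e-grave
        "OU=Groupes \\d'acc\u00e8s",  // tried in the thread
        "OU=Groupes\\d'acc\u00e8s",   // tried in the thread
        "OU=Groupes\\ d'acc\u00e8s",  // suggested in the thread
        "OU=Groupes d'acc\\u00e8s"    // constructed: e-grave as a properties Unicode escape
    };

    // Parse one "key=value" line from UTF-8 file bytes (assumption: file saved as UTF-8).
    static String parse(String firstOu, boolean utf8Reader) throws Exception {
        byte[] fileBytes = (KEY + "=" + firstOu + TAIL).getBytes(StandardCharsets.UTF_8);
        ByteArrayInputStream in = new ByteArrayInputStream(fileBytes);
        Properties p = new Properties();
        if (utf8Reader) {
            p.load(new InputStreamReader(in, StandardCharsets.UTF_8));
        } else {
            p.load(in); // the InputStream overload always decodes as ISO-8859-1
        }
        return p.getProperty(KEY);
    }

    public static void main(String[] args) throws Exception {
        for (String v : VARIANTS) {
            String latin1 = parse(v, false);
            String utf8 = parse(v, true);
            // A backslash before an ordinary character is dropped by the parser,
            // so compare the parsed value, not the text typed in the file.
            System.out.printf("%-28s ISO-8859-1 load: %-5b UTF-8 load: %-5b parsed: %s%n",
                    v, WANTED.equals(latin1), WANTED.equals(utf8), latin1);
        }
    }
}
```

Compare the "parsed" column with the DN shown in the directory to see which form of the line reaches the LDAP search unchanged.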
06-05-2019 10:40 AM
I just tried with another OU:
ldap.synchronization.groupSearchBase=OU=Alfresco,DC=rapido53,DC=com
With one group, but when I go into the admin tools and browse groups, I don't have any group....
These are all the lines about authentication in my file:
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
ldap.authentification.active=true
ntlm.authentication.sso.enabled=false
ldap.synchronization.active=false
ldap.authentication.userNameFormat=%s@domain.com
ldap.authentication.java.naming.provider.url=ldap://SRVDC01.domain.com
ldap.synchronization.userSearchBase=ou=User,dc=domain,dc=com
ldap.synchronization.groupSearchBase=ou=Alfresco,dc=domain,dc=com
ldap.synchronization.java.naming.security.principal=test@domain.com
ldap.synchronization.java.naming.security.credentials=SECRET
ldap.authentication.allowGuestLogin=false
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(whenChanged<\={0})))
06-05-2019 02:36 PM
Hi:
Try adding this logger in custom-log4j.properties in extension directory to debug your ldap sync
log4j.logger.org.alfresco.repo.security.sync=debug
And then resync. Some tips are here:
https://www.zylk.net/en/web-2-0/blog/-/blogs/how-to-sync-ldap-users-and-groups-in-alfresco-ecm
I also recommend you to check the ldap queries with Apache Directory Studio, for example.
Kind regards.
--C.
06-06-2019 03:36 AM
I will be honest, I am beginning to get lost.
I added your line, but I really don't understand: if I got all my users (they just need 1 connection to appear in my user list), why don't groups appear in my Alfresco groups? Do I need to "connect" the group for it to appear, or is my line not good?
I installed Apache Directory Studio and it works, I can connect to my AD. How can it help me?