Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD Synchronization : The Guest user cannot be deleted

hedi_ad
Champ on-the-rise
Champ on-the-rise

‎10-30-2015 06:29 AM

Hello,
I have Alfresco community 4.2.f installed in Windows Server 2008 R2 and syncronized very well with AD, but I have an error in afresco.log file every every day at midnight (see attachement):
So I have added these line but nothing was changed.

this is what I added in my ldap-ad-authentication.properties:
————————————————————-

### Disable user removals. If false, then no sync job will be allowed to delete users or groups
synchronization.allowDeletions=false

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(!(cn=Guest))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(!(cn=Guest))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))

any help!!


Labels:
alfresco.log.txt.zip
5 REPLIES 5

mrogers
Star Contributor
Star Contributor

‎10-30-2015 08:41 AM

Do you have a user called "guest" in your LDAP directory?   If so you will need to exclude it from the sync because "guest" is one of the few reserved names in alfresco. 

You can't sync "Guest", "Admin" or "EVERYONE".
0 Kudos

hedi_ad
Champ on-the-rise
Champ on-the-rise

‎10-30-2015 09:04 AM

Active Directory create by default a guest user in the users directry. to exluded "guest" user from synchronization, I added these line into my ldap-ad-authentication.properties (mentioned in my first comment)
NB: I created a reserved Unit Organization for my users and this is my config to do synchronization only with my users
———————————-
# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=OU\=EPR,DC\=epr, DC\=lan

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=OU\=EPR,DC\=epr,DC\=lan
———————————

hedi_ad
Champ on-the-rise
Champ on-the-rise

‎11-02-2015 05:49 AM

any help will be greatly appreciated !?
0 Kudos

hedi_ad
Champ on-the-rise
Champ on-the-rise

‎11-04-2015 05:25 AM

I found this blog who talk about the solution of my issue. But I can't resolve it yet
http://www.giuseppeurso.eu/en/alfresco-tips-and-tricks-15-ldap-error-guest-user-cannot-be-deleted/
0 Kudos

kavilash23
Champ on-the-rise
Champ on-the-rise

‎08-28-2016 11:04 PM

Having the same issue. Any update on how to fix this?
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC