cancel
Showing results for 
Search instead for 
Did you mean: 

No se han reconocido sus datos de autenticación

JuanchoTdA
Champ on-the-rise
Champ on-the-rise

Hola amigos,

acabo de configurar la sincronizacion de mi alfresco con mi LDAP y aun asi no funciona. veo los usuarios y grupos pero no puedo acceder me da un error. No se han reconocido sus datos de autenticacion. Podrian ayudarme tengo Alfresco 7 en un centos 7 y conectado a un servidor mariadb 10.

Adjunto mi global-properties

image

###############################
## Common Alfresco Properties #
###############################


dir.root=/usr/local/alfresco-community70/alf_data
dir.contentstore=${dir.root}/contentstore
dir.contentstore.deleted=${dir.root}/contentstore.deleted
dir.keystore=/usr/local/alfresco-community70/tomcat/shared/classes/alfresco/extension/keystore

#
# URL Generation Parameters (The ${localname} token is replaced by the local server name)
#-------------
alfresco.context=alfresco
alfresco.host=${localname}
alfresco.port=8080
alfresco.protocol=http
share.context=share
share.host=${localname}
share.port=8080
share.protocol=http

### database connection properties ###
db.username=alfresco
db.password=xxxxxx
db.name=alfresco
db.host=10.10.10.30
db.port=3306
db.driver=com.mysql.jdbc.Driver
db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}?useUnicode=yes&characterEncoding=UTF-8

# Note: your database must also be able to accept at least this many connections. Please see your database documentation for instructions on how to configure this.
db.pool.max=275
db.pool.validate.query=SELECT 1

# The server mode. Set value here
# UNKNOWN | TEST | BACKUP | PRODUCTION
system.serverMode=UNKNOWN

### RMI registry port for JMX ###
alfresco.rmi.services.port=50500

# Default value of alfresco.rmi.services.host is 0.0.0.0 which means 'listen on all adapters'.
# This allows connections to JMX both remotely and locally.
alfresco.rmi.services.host=0.0.0.0

### E-mail site invitation setting ###
notification.email.siteinvite=false

### License location ###
dir.license.external=/usr/local/alfresco-community70

### Allow extended ResultSet processing
security.anyDenyDenies=false

### Smart Folders Config Properties ###
smart.folders.enabled=false

### Remote JMX (Default: disabled) ###
alfresco.jmx.connector.enabled=false

## AMQ And Transformation services
localTransform.core-aio.url=http://localhost:8090/
local.transform.service.enabled=true
messaging.broker.url=tcp://localhost:61616
messaging.subsystem.autoStart=true
#If you have setup username and password for AMQ, then set the below properties. In my case i have kept default admin/admin
messaging.broker.username=admin
messaging.broker.password=admin

################ Solr Search service configurations ###############

#
# Index Recovery Mode
#-------------
#index.recovery.mode=AUTO

# Set this property unless you have explicitly chosen to expose some repository APIs without authentication
solr.host=localhost
solr.port=8983
#none, https
solr.secureComms=none
solr.base.url=/solr
index.subsystem.name=solr6


### FTP Server Configuration ###
ftp.port=2121
ftp.enabled=true
ftp.server.enables=true

############### LDAP : Authentication ############
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=cn=%s,ou=Empleados,dc=TDA
ldap.authentication.java.naming.provider.url=ldap://10.10.10.40:389
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator

create.missing.people=false

############### LDAP : Sincronizacion ############

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn=alfresco,ou=CuentasAdministrativas,dc=PEPE
ldap.synchronization.java.naming.security.credentials=XXXXXX
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000


ldap.synchronization.groupQuery=objectclass\=group
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=ou=ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE
ldap.synchronization.groupQuery=(objectclass\=group)

ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(memberOf=cn\=ECM_ADMIN,ou=ECM,ou=Aplicaciones,ou=Grupos,dc=TDA)(memberOf=cn\=ECM_USERS,ou=ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE)))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(memberOf=cn\=ECM_ADMIN,ou=ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE)(memberOf=cn\=ECM_USERS,ou=ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE))(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou=ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE
ldap.synchronization.userSearchBase=ou=Empleados,dc=PEPE

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

synchronization.syncOnStartup=true
synchronization.import.cron=0 0 0 * * ?

1 ACCEPTED ANSWER

Por si a alguien le sirve esto con configure en alfresco 7 y windows 2012 r2 a mi me funciono correctamente.

############### LDAP : Authentication ############
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

ldap.authentication.active=true
ldap.authentication.userNameFormat=
#ldap.authentication.userNameFormat=uids=%s,ou=VPN,ou=Empleados,dc=PEPE
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://pepe.local:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrador

create.missing.people=false

############### LDAP : Sincronizacion ############

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=CN\=alfresco,OU=CuentasAdministrativas,DC=PEPE
ldap.synchronization.java.naming.security.credentials=1nf0rmat1cA


#ldap.synchronization.queryBatchSize=0
#ldap.synchronization.attributeBatchSize=0

ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(memberOf=cn\=Alf_Administrador,ou=Alfresco_ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE)))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(memberOf=cn\=Alf_Administrador,ou=Alfresco_ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE))(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=OU=Alfresco_ECM,OU=Aplicaciones,OU=Grupos,DC=PEPE
ldap.synchronization.userSearchBase=OU=VPN,OU=Empleados,DC=PEPE


ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=person
ldap.synchronization.groupMemberAttributeName=member

ldap.synchronization.enableProgressEstimation=true
synchronization.synchronizeChangesOnly=false

# secs min hour dom mon dow
synchronization.import.cron=0 */10 8-19 * * ?
#Every minutes, Alfresco sync.

synchronization.syncOnStartup=true

View answer in original post

3 REPLIES 3

angelborroy
Community Manager Community Manager
Community Manager

La causa del error puedes encontrarla en alfresco.log / catalina.out

Hyland Developer Evangelist

Hola @angelborroy

Adjunto el log , yo es que la verdad no encuentro un error salvo algo de http token pero es que de alli no veo ningun error. no se si deba de hacer algo mas. como te comento veo los usuarios de los grupos pero no accedo.

https://file.io/39YHII42y1fN 

Por si a alguien le sirve esto con configure en alfresco 7 y windows 2012 r2 a mi me funciono correctamente.

############### LDAP : Authentication ############
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

ldap.authentication.active=true
ldap.authentication.userNameFormat=
#ldap.authentication.userNameFormat=uids=%s,ou=VPN,ou=Empleados,dc=PEPE
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://pepe.local:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrador

create.missing.people=false

############### LDAP : Sincronizacion ############

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=CN\=alfresco,OU=CuentasAdministrativas,DC=PEPE
ldap.synchronization.java.naming.security.credentials=1nf0rmat1cA


#ldap.synchronization.queryBatchSize=0
#ldap.synchronization.attributeBatchSize=0

ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(memberOf=cn\=Alf_Administrador,ou=Alfresco_ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE)))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(memberOf=cn\=Alf_Administrador,ou=Alfresco_ECM,ou=Aplicaciones,ou=Grupos,dc=PEPE))(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=OU=Alfresco_ECM,OU=Aplicaciones,OU=Grupos,DC=PEPE
ldap.synchronization.userSearchBase=OU=VPN,OU=Empleados,DC=PEPE


ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=person
ldap.synchronization.groupMemberAttributeName=member

ldap.synchronization.enableProgressEstimation=true
synchronization.synchronizeChangesOnly=false

# secs min hour dom mon dow
synchronization.import.cron=0 */10 8-19 * * ?
#Every minutes, Alfresco sync.

synchronization.syncOnStartup=true