Hyland Connect

bostjanc · ‎06-30-2016

Hi guys.
following this tutorial (http://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html) we are trying to enable SSO on alfresco community web page (share) to work.
SSO is not working.

We have put this lines:
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad

ntlm.authentication.sso.enabled=false

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@domain.com
ldap.authentication.java.naming.provider.url=ldap://domaincontroller.domain.com:389
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
ldap.synchronization.java.naming.security.principal=alfresco@domain.com
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupSearchBase=ou=Security Groups,ou=Alfresco\
,dc=domain,dc=com

ldap.synchronization.userSearchBase=ou=User Accounts,ou=Alfresco,dc=domain,dc=com

steven_okennedy · ‎06-30-2016

Hi

First off, I'm assuming that you've updated the values you posted above to match your own domain details (%s@domain.com, ldap://domaincontroller.domain.com:389, alfresco@domain.com etc etc) - unless domain.com is actually the name of your domain?

Can you explain what you're seeing and what isn't working?

Please bear in mind that LDAP can be used to authenticate users using their Windows credentials (single sign on) but doesn't support passwordless single sign on where the user opens Alfresco and is logged in automatically. So you should expect to still see a login page when you go to Alfresco, but you will be able to use Windows usernames/passwords to authenticate. If this is not what you want and you want the user to simply be logged in automatically then you'll need to look at Kerberos or Pass-through authentication instead

Regards

Steven