cancel
Showing results for 
Search instead for 
Did you mean: 

Cannot login anymore on Alfresco

marius_dumitrac
Confirmed Champ
Confirmed Champ

Hi guys,

I have the following problem with my alfresco instance: the login page in alfresco returns the following message

Your authentication details have not been recognized or Alfresco may not be available at this time.

The alfresco installation has the following details:

1. CentOS 6 (up to date) 

2. Postgres 9.3 (up to date) 

3. Apache 7.0.6

4. Alfresco ver 5.0d

I use AD connection for user management, the AD is up and running and accessible from the Alfresco machine.

Up to 5 hours ago, I had no problem with it. 

I've tried shutting it down and restart it (also postgres and apache server) with no success.

I got no errors in the log files - see them attached.

The alfresco app is running (http://server:8080/alfresco, I cannot login to console, because I don't have the initial admin password)

 

Can anyone help me on this?

1 ACCEPTED ANSWER

your ldap config is not correct. Please fix that following the docs I linked. At least your userNameFormat will expect all the users in ou=users,dc=domain,dc=intern.

View answer in original post

15 REPLIES 15

abhinavmishra14
World-Class Innovator
World-Class Innovator

Could you see any errors in alfresco.log, share.log and catalina.out ? 

Can you also try <host>:<port>/alfresco/service/api/login?u=<userName>&pw=<password>  api call to see if you are getting response from repository 

~Abhinav
(ACSCE, AWS SAA, Azure Admin)

Hi Abhinav,

No error in the logs (are attached to the post).

The response from the repository is this

<response>
<status>
<code>403</code>
<name>Forbidden</name>
<description> Server understood the request but refused to fulfill it. </description>
</status>
<message>06100727 Login failed</message>
<exception/>
<callstack> </callstack>
<server>Community v5.0.0 (d r99759-b2) schema 8,022</server>
<time>Jul 10, 2019 6:01:28 PM</time>
</response>

I think it's ok (I don't know the initial admin password, and password of admin account configured in AD is not accepted.)

Also I don't think there is a problem with the AD connection, the sync job is working fine - see below the log entries

2019-07-10 17:45:00,105 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Synchronizing users and groups with user registry 'ldap1'
2019-07-10 17:45:00,106 WARN [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Full synchronization with user registry 'ldap1'
2019-07-10 17:45:00,106 WARN [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Some users and groups previously created by synchronization with this user registry may be removed.
2019-07-10 17:45:00,147 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Retrieving all groups from user registry 'ldap1'
2019-07-10 17:45:00,152 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Synchronization,Category=directory,id1=ldap1,id2=1 Group Analysis: Commencing batch of 0 entries
2019-07-10 17:45:00,152 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Synchronization,Category=directory,id1=ldap1,id2=1 Group Analysis: Completed batch of 0 entries
2019-07-10 17:45:00,185 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Retrieving users changed since Jul 10, 2019 11:05:30 AM from user registry 'ldap1'
2019-07-10 17:45:00,188 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Synchronization,Category=directory,id1=ldap1,id2=6 User Creation and Association: Commencing batch of 1 entries
2019-07-10 17:45:00,521 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Synchronization,Category=directory,id1=ldap1,id2=6 User Creation and Association: Processed 1 entries out of 1. 100% complete. Rate: 3 per second. 0 failures detected.
2019-07-10 17:45:00,521 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Synchronization,Category=directory,id1=ldap1,id2=6 User Creation and Association: Completed batch of 1 entries
2019-07-10 17:45:00,531 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] Finished synchronizing users and groups with user registry 'ldap1'
2019-07-10 17:45:00,531 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-9] 1 user(s) and 0 group(s) processed

OOTB Default admin account should still work. The default user name is: admin and default password: admin

Repo auth api : http://127.0.0.1:8080/alfresco/service/api/login?u=admin&pw=admin

This should return alf_ticket if login is successful. The default admin password is also part of tomcat/shared/classes/alfresco-global.properties file. Its MD4 encrypted. You can decrypt it if required. but in general admin:admin is the default user name and password. Give it a try.

~Abhinav
(ACSCE, AWS SAA, Azure Admin)

I've tried and the same response - Login failed Smiley Sad.

in catalina.out i got this line:

2019-07-10 19:02:26,347 INFO [web.site.EditionInterceptor] [ajp-apr-8009-exec-3] Unable to retrieve License information from Alfresco: 401

Also I've modified the alfresco-global.properties file to use de default authentication (authentication.chain=alfrescoNtlm1:alfrescoNtlm) with the same result - login failed.

But this time the licence was retrieved successfully

2019-07-10 19:11:26,302 INFO [web.site.EditionInterceptor] [ajp-apr-8009-exec-4] Successfully retrieved license information from Alfresco.

Any ideas?