Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP-AD Not Working

joe_rella1
Champ in-the-making
Champ in-the-making

‎01-25-2017 02:40 PM

I am trying to configure LDAP-AD for Alfresco. I added the authenticator "example.com" with the following values:

Format: Default

LDAP server URL: ldap://server.example.com:389

Security: simple

Security Principal Namesvc_alf@example.com

Security: simple

Security Principal Credentials: XXXXX

LDAP Synchronization: Enabled

I configured the User Search Base and Group Search Base using dn consistent with my environment.

I then ran synchronization. Here are the results:

2Example.comLDAP (Active Directory)TrueTrue
1 Group AnalysisStart Time: 25 Jan 2017 14:19:44
End Time: 25 Jan 2017 14:19:44		Successful: 0
Failed: 0		Percent Complete: 100%
Total Results: 0
6 User Creation and AssociationStart Time: 25 Jan 2017 14:21:51
End Time: 25 Jan 2017 14:22:54		Successful: 2
Failed: 0		Percent Complete: Unknown
Total Results: 1

When I try to test, I get the following error:

Authentication Test Result

Test Failed

Authentication Message

00250957 Failed to authenticate, authenticator with name, example.com, not found

Test Diagnostics

Authenticator not found:Failed

Any help would be greatly appreciated!

Labels:
0 Kudos
6 REPLIES 6

afaust
Legendary Innovator
Legendary Innovator

‎01-26-2017 01:22 PM

Sounds like you used the Admin Console to set this up. That means you are using Alfresco Enterprise Edition, and any support requests should typically go to Alfresco directly via the support portal (support.alfresco.com).

Did you really setup your LDAP server with the DNS name ldap.example.com? Otherwise this cannot work... On the other hand, you seem to have two users sucessfully synchronised.

0 Kudos

joe_rella1
Champ in-the-making
Champ in-the-making

‎01-26-2017 01:25 PM

I did use the Admin Console, thank you for the support tip.

No, I did not actually use example.com, lol.

0 Kudos

cesarista
World-Class Innovator
World-Class Innovator

‎01-27-2017 08:40 AM

Hi:

For confirmation: Did you use "user" as login or "user@example.com" in the ldap test ? You need to put "user" (sAMAccountName) in the login. You may check with "svc_alf" for example.

Regards.

--C.

0 Kudos

joe_rella1
Champ in-the-making
Champ in-the-making

‎01-27-2017 09:58 AM

I did use a valid sAMAccountName for the test.

What is weird, is that since I posted this, I tested logging into the admin console using an AD account and it was successful. So it would appear that the authentication mech is working, but the "test" feature is not.

0 Kudos

cesarista
World-Class Innovator
World-Class Innovator

‎01-28-2017 07:24 AM

Mmmm.. it sounds a little bit strange, although better in that direction.

Maybe you have passthu authentication subsystem enabled too (pointing to the same domain server), and ldap-ad authentication disabled (while ldap-ad is only used for sync users). May be the case ?

Regards.

--C.

0 Kudos

joe_rella1
Champ in-the-making
Champ in-the-making

‎01-30-2017 11:23 AM

So that is weird... I left it alone, came back this morning, tested again.... and it worked!

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2024 Khoros, LLC