cancel
Showing results for 
Search instead for 
Did you mean: 

Switch from AD LDAP authentication to local authentication keeping current users and history

adautofernandes
Champ on-the-rise
Champ on-the-rise

I'm going to migrate my Alfresco to the cloud and I have the task of removing authentication via AD LDAP for authentication.

I was looking for a way to do this in the database, but the Alfresco tables are quite complex. I still haven't been able to identify a way to perform this operation in the database. I saw that users and groups are in the database.

Is there a way to convert these users as if they were local users?

Is there any documentation on the tables and fields in the Alfresco database?

Thank you very much in advance!

13 REPLIES 13

I forgot to inform the version I am using. It's the Alfresco Community 201707 (v5.2).

Today I tried to "steal" on the user's edit form. Enabling the password fields and the user account activation checkbox by editing the generated HTML using the browser inspect element.

image

image

Just remove the Disabled="True" to enable, but Alfresco's security is good. I underestimate Alfresco's security Smiley LOL

When I try to save I get the following error message:

image

There had to be an easier way to activate these users.

Hi @afaust,

I left some extra information. Do you have any light to help me?

Hello, @adautofernandes - did you ever get this to work for you? I'm migrating an ACS 4.6.2 instance over to a new data center and would like to do so without the current LDAP authentication.

Hi @pauldavidmena,

So I couldn't migrate to the other server by disabling authentication with my Microsoft Active Directory/LDAP.
The solution I found was to install OpenLDAP + LAM (LDAP Account Manager) on Alfresco's server to manage users.

What's annoying about Alfresco is that it's difficult to maintain.
In the coming months I will have to plan the update. Hope to have a little headache.

@adautofernandesyou have your answer on @afaust' post:

Theoretically, you should be able to deactivate/remove the LDAP-AD configuration 
(simplest way: remove it from authentication.chain property in alfresco-global.properties)
and after a restart should be allowed to set new passwords for these users in the Share UI.

Don't go directly into the database. Go though alfresco-global.properties and keep only ntlm authenticator on that line.

Cheers,

Cristina.

--
VenziaIT: helping companies since 2005! Our ECM products: AQuA & Seidoc