Two suggestions.

1. Have you tried to follow "Example: authentication and synchronization with one ldap-ad subsystem | Alfresco Documentation"?

2. Does your security principal have access to read all properties in LDAP?  You should run a test to make sure that the user can query LDAP properly using a test tool.

What LDAP system/server are you using?

I note you have used "".  This is not recommended.

I am not sure why you have used all the settings that you have.  The example provided in point 1 should allow you to synchronise.

I have set up the authentication chain as:

authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru,ad1:ldap-ad

The passthru allows users to open office documents without prompting for credentials and therefore I also set

The other point I thought looked odd is the domain qualifications.  I use ou=People,dc=xyz,dc=abc,dc=mycompany,dc=com   as per example.

1. I have tried that suggestion and all sorts of stuff I found while browsing for hints. But I will try again from the beginning.

2. The user I am using has all the properties on LDAP (after I get it OK I will make a new one just for Alfresco).

I am using Active Directory Users and Computers Version: 5.2.3790.3959 on a Windows Server 2003 R2 x64.

OK, let us know how you go.  I am using Windows Active Directory and have got it working seamlessly.  Happy to help if you need more information.

Please also refer to 

Use the tool LDP included with Windows server 2003. Follow the instructions in the link above to validate your ldap user and password and access.

Hi Antonio,

I use the ldap client "apache directory studio" to test my ldap connection and queries.

My ldap configuration differs in


I had to use the fully qualified name in the URL ldap://myad.mydom:389

Created an extra AD user for ldap sync "ldap.alfresco" which is referred to as


The user has to be in the according groups if your AD is ACLed in some way. Normally it just has to be a Domain user.

Here are the only values I set (changed to example domain dom.local, domaincontroller server is dc).

I use searchbase dc=dom,dc=local because some users are in a special ou and wanted to import only users with email address - you should adapt this

DC is windows 2012, alfresco (5.2.0 r135134-b14) uses ubuntu 16.04.2 LTS




#group Type = global groups
#only enabled users with mail address

### Sync Settings ###
synchronization.import.cron=0 0 * * * ?


 This is the setup of my test system. So differential queries are the same as the full queries...

Got it working with pass-through. Thanks all for the help.
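
Added example, not part of any post in this thread and not Alfresco's own code: a small Python lint for the two settings discussed above, the `authentication.chain` value and the LDAP provider URL. The list of subsystem types, the function names and the sample values in the demo are assumptions made for this example.

```python
import re
from urllib.parse import urlparse

# Assumption: authentication subsystem types available in Alfresco 5.x.
KNOWN_TYPES = {"alfrescoNtlm", "ldap", "ldap-ad", "passthru", "kerberos", "external"}
ENTRY = re.compile(r"^([A-Za-z0-9_.-]+):([A-Za-z0-9-]+)$")


def parse_chain(value):
    """Split an authentication.chain value into (instance, type) pairs plus problems."""
    entries, problems, seen = [], [], set()
    for raw in (part.strip() for part in value.split(",")):
        match = ENTRY.match(raw)
        if not match:
            problems.append(f"malformed entry {raw!r} (expected instance:type)")
            continue
        name, kind = match.groups()
        if kind not in KNOWN_TYPES:
            problems.append(f"unknown subsystem type {kind!r} in {raw!r}")
        if name in seen:
            problems.append(f"duplicate instance name {name!r}")
        seen.add(name)
        entries.append((name, kind))
    return entries, problems


def check_ldap_url(url):
    """Flag provider URLs with a wrong scheme, an unqualified host, or no TLS."""
    parsed = urlparse(url)
    problems = []
    if parsed.scheme not in ("ldap", "ldaps"):
        problems.append(f"unexpected scheme {parsed.scheme!r}")
    host = parsed.hostname or ""
    if "." not in host:
        problems.append(f"host {host!r} is not fully qualified")
    if parsed.scheme == "ldap":
        problems.append("ldap:// with simple bind sends the sync password in clear text")
    return problems


if __name__ == "__main__":
    # Constructed sample values modelled on the settings quoted in the thread.
    chain = "alfinst:alfrescoNtlm,passthru1:passthru,ad1:ldap-ad"
    print(parse_chain(chain))
    print(check_ldap_url("ldap://dc:389"))
```

Run it against the values in `alfresco-global.properties` before restarting Alfresco; a chain entry that lost its colon or a short host name such as `dc` is reported instead of failing silently at sync time.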