Alfresco community 5.2 edition. LDAP-AD configuration

I'm trying to integrate LDAP-AD with Alfresco and I have followed the tutorial below.

Example: authentication and synchronization with one ldap-ad subsystem | Alfresco Documentation 

But it didn't work. 

alfresco-global.properties

authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad

ntlm.authentication.sso.enabled=false

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@xxx.xx
ldap.authentication.java.naming.provider.url=ldap://domaincontroller.xxx.xx:389
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
ldap.synchronization.java.naming.security.principal=alfresco@xxx.xx
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupSearchBase=ou=Security Groups,ou=Alfresco\
,dc=xxx,dc=xx

ldap.synchronization.userSearchBase=ou=User Accounts,ou=Alfresco,dc=pucsl,dc=lk

I can't understand what is missing. Please help me step by step to integrate LDAP-AD with Alfresco.

Thank you.

Accepted Solutions

Re: Alfresco community 5.2 edition. LDAP-AD configuration


Great!!!

That works perfectly as I expected. Thank you so much Cesar.

Below I have added my alfresco-global.properties file in case someone needs it.

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=%s@xxx.xx
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://xxx.xx:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=administrator@xxx.xx
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000
synchronization.synchronizeChangesOnly=false
synchronization.allowDeletions=true
synchronization.syncWhenMissingPeopleLogIn=true

ldap.synchronization.groupQuery=objectclass\=group
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(ou=xxx,dc=xxx,dc=xx)(ou=xxx,dc=xxx,dc=xx)))

ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(|(ou=xxx,dc=xxx,dc=xxx)(ou=xxx,dc=xxx,dc=xxx))(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=ou\=xxx,dc\=xxx,dc\=xxx

ldap.synchronization.userSearchBase=dc\=xxx,dc\=xxx

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

View solution in original post
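
An added check, not part of the original thread and not Alfresco's own code: a small Python audit that reads an alfresco-global.properties file (including the backslash continuations and `\=` escapes seen in the posts) and flags the security-relevant settings in the configuration above. The sample input is constructed from the posted values, and the finding labels are hypothetical names.

```python
import re

# Constructed sample built from values posted in the thread above.
SAMPLE = r"""
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.provider.url=ldap://xxx.xx:389
ldap.authentication.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=administrator@xxx.xx
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupSearchBase=ou\=xxx,dc\=xxx,\
    dc\=xxx
"""

def parse_properties(text):
    """Minimal .properties reader: comments, line continuations, backslash escapes."""
    props, pending = {}, ""
    for raw in text.splitlines():
        line = pending + raw.lstrip()
        pending = ""
        if not line or line[0] in "#!":
            continue
        # An odd number of trailing backslashes joins the next line to this one.
        if (len(line) - len(line.rstrip("\\"))) % 2 == 1:
            pending = line[:-1]
            continue
        m = re.match(r"((?:\\.|[^=:\s\\])+)\s*[=:]?\s*(.*)", line)
        if m:
            key, value = (re.sub(r"\\(.)", r"\1", part) for part in m.groups())
            props[key] = value.strip()
    return props

def audit(props):
    """Return hypothetical finding labels for security-relevant settings."""
    get = lambda k: props.get(k, "").lower()
    findings = []
    if (get("ldap.authentication.java.naming.provider.url").startswith("ldap://")
            and get("ldap.authentication.java.naming.security.authentication") == "simple"):
        findings.append("cleartext-bind")           # password crosses the wire unencrypted
    if get("ldap.authentication.allowGuestLogin") == "true":
        findings.append("guest-login-enabled")
    if get("ldap.synchronization.java.naming.security.principal").split("@")[0] == "administrator":
        findings.append("privileged-sync-account")  # sync only needs read access to the directory
    if get("ldap.synchronization.java.naming.security.credentials"):
        findings.append("plaintext-credential")     # bind password stored in the file
    return findings

if __name__ == "__main__":
    for finding in audit(parse_properties(SAMPLE)):
        print(finding)
```
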

6 Replies

Re: Alfresco community 5.2 edition. LDAP-AD configuration


Hello,

I think you should try the following link for your kind of problem.

https://docs.alfresco.com/5.1/tasks/adminconsole-directorymgt-ad.html

Thanks
 @anuradha madhushani


Re: Alfresco community 5.2 edition. LDAP-AD configuration


Re: Alfresco community 5.2 edition. LDAP-AD configuration


Thank you for replying to me, Amit. I have already read that tutorial also, but the problem is, I could not find any Directories section in the admin console. What can I do now?


Re: Alfresco community 5.2 edition. LDAP-AD configuration


Thank you Cesar. I will try this one also. 


Re: Alfresco community 5.2 edition. LDAP-AD configuration


Hello,

I would recommend you to try the following link, maybe this will help you out.

http://www.techbits.de/2012/04/02/setting-up-a-development-ldap-server-for-alfresco/

Regards

Amit Kulhari