Alfresco Community Edition and Active Directory integration

cancel
Showing results for 
Search instead for 
Did you mean: 
demarestk
Member II

Alfresco Community Edition and Active Directory integration

Hi, I'm testing Alfresco Community Edition on Ubuntu Server 18.04. I'm just struggling to get Active Directory integration working.

From the documentation: https://docs.alfresco.com/community/tasks/auth-example-oneldap-ad.html I have added following lines to /opt/alfresco-community/tomcat/shared/classes/alfresco-global.properties:

authentication.chain=ldap1:ldap-ad
ntlm.authentication.sso.enabled=false
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@domain.com
ldap.authentication.java.naming.provider.url=ldap://*******.intranet.laarne.be:389
ldap.authentication.defaultAdministratorUserNames=Administrator,superuser
ldap.synchronization.java.naming.security.principal=********@intranet.laarne.be
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupSearchBase=CN=GG_ALFRESCO,OU=Groups,OU=Gemeentebestuur Laarne,dc=INTRANET,dc=LAARNE,dc=BE
ldap.synchronization.userSearchBase=OU=Gemeentebestuur Laarne,dc=INTRANET,dc=LAARNE,dc=BE

But when trying to log in with a user, which is member of the GG_ALFRESCO group, I'm getting

"Your authentication details haven't been recognized or Alfresco Content Services may not be available at this time."

  1. I stop and start Alfresco every time I make a change to this properties file
  2. Am I modifying the right file?
  3. Where can I find more details on why my login attempts are failing? (more specific logging)
4 Replies
angelborroy
Alfresco Employee

Re: Alfresco Community Edition and Active Directory integration

1. It's the recommended way for Alfresco Community

2. It's the right file

3. Add following parameter to custom-log4j.properties file:

log4j.logger.org.alfresco.repo.security.authentication.ldap=DEBUG

Additional information: https://docs.alfresco.com/community/concepts/auth-ldap-ADtips.html

Hyland Developer Evangelist
demarestk
Member II

Re: Alfresco Community Edition and Active Directory integration

Thanks a lot Angel,

Where is the custom-log4j.properties file located? I'm searching everywhere, but can't seem to find the file.

where will the output for this logging be produced?

angelborroy
Alfresco Employee

Re: Alfresco Community Edition and Active Directory integration

/opt/alfresco/tomcat/shared/classes/alfresco/extension/custom-log4j.properties (create the file if it doesn't exist)

/opt/alfresco/tomcat/logs/catalina.out

/opt/alfresco/tomcat/logs/alfresco.log

There should be equivalent paths in Windows based installations.

Hyland Developer Evangelist
demarestk
Member II

Re: Alfresco Community Edition and Active Directory integration

Hmm, I don't seem to have the /extenstion directory