### LDAP-AD ###
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap-ad
ntlm.authentication.sso.enabled=false
ntlm.authentication.authenticateCIFS=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=false
passthru.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=true
ldap.authentication.active=true
ldap.synchronization.active=true
###Autenticación del dominio
passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=192.168.1.112
ntlm.authentication.mapUnknownUserToGuest=true
passthru.authentication.authenticateFTP=true
passthru.authentication.guestAccess=true
passthru.authentication.defaultAdministratorUserNames=alfresco, Administrator
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s@dominioAlfresco.com
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://192.168.1.114:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=Administrator@dominioAlfresco.com
ldap.synchronization.java.naming.security.credentials=Admin123
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.personQuery=(&(objectclass=user)(memberof=CN=grupoCC,CN=Users,DC=dominioAlfresco,DC=com)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass=user)(memberof=CN=grupoCC,CN=Users,DC=dominioAlfresco,DC=com)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupQuery=(objectclass=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=group)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=CN\=Users,DC\=dominioAlfresco,DC\=com
ldap.synchronization.userSearchBase=CN\=Users,DC\=dominioAlfresco,DC\=com
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
synchronization.synchronizeChangesOnly=false
synchronization.import.cron=0 0/1 * * * ?
synchronization.allowDeletions=false
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.autoCreatePeopleOnLogin=false
Buenas, tengo un problema con el tema de la sincronización, los usuarios se sincronizan, pero los usuarios que en LDAP están DESACTIVADOS en LDAP con "AccountDisabled", en Alfresco su cuenta no está deshabilitada... cómo podría conseguir que se deshabiliten?, pero no se eliminen.
Creo que tiene que ver en estas sentencias:
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf\=CN\=AlfrescoEXPL,CN\=Users,DC\=chap,DC\=junta-andalucia,DC\=es)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf\=CN\=AlfrescoEXPL,CN\=Users,DC\=chap,DC\=junta-andalucia,DC\=es))
Gracias de antemano.
Saludos.
Content from pre 2016 and from language groups that have been closed.
Content is read-only.
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.