Space problem in AD Path

cancel
Showing results for 
Search instead for 
Did you mean: 
mdubois
Active Member II

Space problem in AD Path

Hi,

I need to establish a LDAP authentification but when I want my AD groups, i don't recover them but for users it's OK.

I think my problem is the space in my line, see it :


ldap.synchronization.groupSearchBase=OU=Groupes d'accès,OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com

How can I replace this space ?

Thank a lot

16 Replies
heiko_robert
Senior Member

Re: Space problem in AD Path

Escape the space with a backslash?

mdubois
Active Member II

Re: Space problem in AD Path

Yes i tried :

ldap.synchronization.groupSearchBase=OU=Groupes \d'accès,OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com

OR

ldap.synchronization.groupSearchBase=OU=Groupes\d'accès,OU=RAPIDO,OU=CCAR,OU=RAPIDO_VDL, DC=rapido53,DC=com

heiko_robert
Senior Member

Re: Space problem in AD Path

escape character is a prefix notation. ' ' should be used as '\ '

mdubois
Active Member II

Re: Space problem in AD Path

So OU=Groupes\d'accès is good ?

did my ' un d'accès can be a problem too ?

mdubois
Active Member II

Re: Space problem in AD Path

I just try with an other OU 

ldap.synchronization.groupSearchBase=OU=Alfresco,DC=rapido53,DC=com

With one group but when I go in admin tools et browse group, i don't have group....

This is all line about authentification in my file :

 

authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
ldap.authentification.active=true
ntlm.authentication.sso.enabled=false
ldap.synchronization.active=false

ldap.authentication.userNameFormat=%s@domain.com 
ldap.authentication.java.naming.provider.url=ldap://SRVDC01.domain.com 
ldap.synchronization.userSearchBase=ou=User,dc=domain,dc=com
ldap.synchronization.groupSearchBase=ou=Alfresco,dc=domain,dc=com

ldap.synchronization.java.naming.security.principal=test@domain.com 
ldap.synchronization.java.naming.security.credentials=SECRET 
ldap.authentication.allowGuestLogin=false
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(whenChanged<\={0})))

cesarista
Customer

Re: Space problem in AD Path

Hi:

Try adding this logger in custom-log4j.properties in extension directory to debug your ldap sync

log4j.logger.org.alfresco.repo.security.sync=debug

And then resync. Some tips are here:

https://www.zylk.net/en/web-2-0/blog/-/blogs/how-to-sync-ldap-users-and-groups-in-alfresco-ecm

I also recommend you to check the ldap queries with Apache Directory Studio, for example.

Kind regards.

--C.

mdubois
Active Member II

Re: Space problem in AD Path

I will be honest I begin to be lost Smiley Happy

I add your line but i really don't understand if i got all my user (they just need 1 connection to appear in my user list) why group don't appear in my alfresco group ? did I need to "connect" the group to appear or my line is not good ? 

I install Apache directory studio and it work, i can connect to my AD, How it can help me ?

cesarista
Customer

Re: Space problem in AD Path

Hi Mathis:

- With the debug option, you can see all the details of the ldap sync in Alfresco. It is specially useful when getting problems with a given path or search base, for users and/or groups.

- With Apache Directory Studio you may check and debug the ldap queries for groups and users. So you can see the results that they should be obtained in group syncronization. If ldap query in Apache Directory Studio is not giving the group that you mention, it never will be synced in Alfresco. Browsing with Apache Directory Studio, you can check too the full config of user and group objects of your LDAP/AD.

Kind regards.

--C.

mdubois
Active Member II

Re: Space problem in AD Path

Ok so know it work with a classic path but when i use path with ou=Groupes d'accès, it didn't work cause of the space