AnsweredAssumed Answered

LDAP and people synchronisation not working

Question asked by simon on Apr 10, 2006
Latest reply on Jun 5, 2007 by andy
Hi Alfresco,

We are trying to enable people (and group) synchronisation with LDAP. It's not working as expected, but you have probably guessed that by now. First we woul like to enable people synchronisation, group support will follow later but lets keep it as simple as possible for now.

The configuration is based on the documentation we found in the WIKI.

1. The Alfresco system is not available when all the configuration references for group synchro are commented out. There are no errors in the log and the even the login page is not available. This problem is solved when I uncomment the group configuration parameters, strange…

2.  Changed the ldap-authentication-context.xml file (the other sections in this file are left alone) like this:

<bean id="ldapPeopleExportSource" class="org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource">
        <property name="personQuery">
            <value>(objectclass=Person)</value>
        </property>
        <property name="searchBase">
            <value>dc=company,dc=be</value>
        </property>
        <property name="userIdAttributeName">
            <value>cn</value>
        </property>
         <property name="LDAPInitialDirContextFactory">
            <ref bean="ldapInitialDirContextFactory" />
        </property>
        <property name="personService">
            <ref bean="personService"></ref>
        </property>
        <property name="namespaceService">
            <ref bean="namespaceService" />
        </property>
        <property name="defaultHomeFolder">
            <value>/app:company_home</value>
        </property>
        <property name="attributeMapping">
            <map>
                <entry key="cm:userName">
                    <value>cn</value>
                </entry>
                <entry key="cm:firstName">
                    <value>givenName</value>
                </entry>
                <entry key="cm:lastName">
                    <value>sn</value>
                </entry>
                <entry key="cm:email">
                    <value>mail</value>
                </entry>
                <entry key="cm:organizationId">
                    <value>cn</value>
                </entry>
            </map>
        </property>
    </bean>

3. Uncommented the relevant part in the scheduled-jobs-context.xml. Remember the "leave the group support for now":

<ref bean="ldapPeopleTrigger" />

4. Reboot the server and wait (startDelay parameter does its job).

5. Job starts running and outputs the following error:

15:42:30,371 ERROR [org.quartz.core.JobRunShell] Job DEFAULT.ldapPeopleJobDetail threw an unhandled Exception:
org.alfresco.repo.importer.ExportSourceImporterException: Failed to import
        at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:165)
        at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)
        at org.quartz.core.JobRunShell.run(JobRunShell.java:191)
        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)
Caused by: java.lang.NullPointerException
        at org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource.generateExport(Unknown Source)
        at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:149)
        … 3 more
15:42:30,371 ERROR [org.quartz.core.ErrorLogger] Job (DEFAULT.ldapPeopleJobDetail threw an exception.
org.quartz.SchedulerException: Job threw an unhandled exception. [See nested exception: org.alfresco.repo.importer.ExportSourceImporterException: Failed to import]
        at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)
* Nested Exception (Underlying Cause) —————
org.alfresco.repo.importer.ExportSourceImporterException: Failed to import
        at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:165)
        at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)
        at org.quartz.core.JobRunShell.run(JobRunShell.java:191)
        at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)
Caused by: java.lang.NullPointerException
        at org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource.generateExport(Unknown Source)
        at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:149)
        … 3 more

We traced the connections between the Alfresco server and Active Directory with tcpdump and could see "some" activity so there is "a" connection. Don't know what's transfered and if this is relevant or not.

Could the NullPointerException have anything to do with these settings in the ldap-authentication-context.xml file?
<property name="storeRef">
<value>${alfresco_user_store.store}</value>
</property>
<property name="path">
<value>/${alfresco_user_store.system_container.childname}/${alfresco_user_store.authorities_container.childname}</value>
</property>

Anyone experienced the same problems? We use the Enterprise 1.2 version on Linux.

Thanks!

Outcomes