AnsweredAssumed Answered

Active Directory LDAP Sync

Question asked by daveram on Jul 25, 2009
Latest reply on Aug 12, 2009 by ipeters
G'day,

I've setup Alfresco 3.2 with passthru authentication easily enough, however what I'm banging my head on is AD synchronization.  This setup is on a Win2k3 server and trying to authorize to a Win2k3 domain controller.  Global config file as follows:

authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap-ad:ldap1


ntlm.authentication.sso.enabled=true
passthru.authentication.authenticateCIFS=true

passthru.authentication.domain=DOMAIN
passthru.authentication.servers=server1,server2

ldap.authentication.active=false
ldap.synchronization.active=true

ldap.authentication.userNameFormat=%s@domain.com
ldap.authentication.java.naming.provider.url=ldap://server1:389

ldap.authentication.defaultAdministratorUserNames=administrator,myaccount

ldap.synchronization.java.naming.security.principal=serviceaccount@domain.com
ldap.synchronization.java.naming.security.credentials=<secret>

What seems to be happening is I'm getting a login failed error in the log, as such:

18:21:48,819 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, passthru1]
18:21:48,866 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
18:21:48,960 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, passthru1] complete
18:21:48,976 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, ldap-ad]
18:21:49,007 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
18:21:49,007 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, ldap-ad] complete
18:25:32,491 ERROR [org.alfresco.web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 06240087 Login failed
org.alfresco.web.scripts.WebScriptException: 06240087 Login failed

Any ideas as to what might be causing this?  I'm seeing network traffic on a packet capture talking to the DC, but that's it.

Outcomes