AnsweredAssumed Answered

Alfresco 4.0.a: external user can't login

Question asked by evilclown on Nov 10, 2011
Latest reply on Mar 26, 2013 by opoplawski
Hi,
I'm trying to invite external users to sites. They get the invitation email, but after succesfully using the activation link, the authentication with the username/password combination fails. This problem occurs in /share and /alfresco…
The accounts are activated and they are no differences to manually created accounts. But with manually created accounts the login works. Is there an easy solution?

I'm using
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap
with the following configurations:

alfrescoNtlm1

ntlm.authentication.mapUnknownUserToGuest=false
ntlm.authentication.sso.enabled=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=true

passthru1

passthru.authentication.useLocalServer=false
passthru.authentication.servers=uniko.uni-koblenz.de
ntlm.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true
passthru.authentication.guestAccess=true
passthru.authentication.defaultAdministratorUserNames=AD_usernames

ldap1
ldap.authentication.active=false
ldap.authentication.userNameFormat=uid=%s,ou=people,dc=uni-koblenz,dc=de
ldap.authentication.java.naming.provider.url=ldap://ldap.uni-koblenz.de:389
ldap.authentication.java.naming.security.authentication=simple
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=…
ldap.synchronization.java.naming.security.credentials=…
ldap.synchronization.groupQuery=(objectclass\=groupOfNames)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou\=group,dc\=Uni-Koblenz,dc\=de
ldap.synchronization.userSearchBase=ou\=people,dc\=Uni-Koblenz,dc\=de
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member

Outcomes