AnsweredAssumed Answered

Using Active directory passthru with Alfresco 3.2 on Ubuntu

Question asked by dflasse on Aug 27, 2009
Latest reply on Aug 27, 2009 by dward
I easily installed Alfresco 3.2 on Ubuntu 9.04 using the 'partners' repository. It works smoothly out if I only use internal Alfresco authentication subsystem (AlfrescoNtlm).

We need to authenticate Alfresco against our Win2k3 AD preferably using SSO (CIFS is in the pipe but that will be another story). I followed the cryptic wiki instructions (I'd kill for a simple tutorial) and I configured LDAP-AD subsystem in order to sync the users from AD. According to the logs, Alfresco regularly reads the Users on AD. I guess that it stores them somewhere locally.

Here's my authentication chain in alfresco-global.properties:

authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap-ad1:ldap-ad

And the passthru subsystem looks like this:

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=DOMAINE\\xx.xx.xx.xx,xx.xx.xx.xx
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=administrator
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NetBIOS
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true

When I try to authenticate, I see NTLM requests in the logs (v1 and then v2) but the browser stalls for several minutes before I get a timeout error message.

Outcomes