AnsweredAssumed Answered

Another LDAP Sync problem

Question asked by jsabah on Sep 1, 2009
Latest reply on Sep 6, 2009 by jsabah
Hi everyone,

Very new to the world of Electronic Document Management, I am trying to get Alfresco CE 3.3 (nightly build) to work in my company. Not being a Network/System admin, I am currently struggling on 2 different points of the configuration of the application. In this topic, I will focus on the authentication and the LDAP Sync.
Alfresco is installed on a Windows XP 64 workstation with plenty of RAM & HD. We have an Exchange server and Active Directory. I have been reading the wiki and the forum for the last 4 days and I can't figure out what's wrong due to lack of technical knowledge/hindsight.

My authentication chain in alfresco-global.properties is as follow and respects Example 1: Advanced AD Chain  given in the Wiki:
# The default authentication chain
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap-ad
All the other files from the subsystems\Authentication folder have been modified accordingly.

I struggled for a while with the LDAP userSearchBase but I think it's all good now as I have the following trace in tomcat:
 User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, alfrescoNtlm1]
User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, alfrescoNtlm1] complete
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, passthru1]
User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, passthru1] complete
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [default] complete
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'imap' subsystem, ID: [default]
User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'imap' subsystem, ID: [default] complete
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [default]
User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, ldap1]
User:System INFO  [alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, ldap1] complete
User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'
User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving users changed since 1/09/2009 14:58:28 from user registry 'ldap1'
User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'
User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap1'
User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] 0 user(s) and 0 group(s) processed
User:System INFO  [management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [default] complete

The problem I encounter is related to the imported users. After the first synchronization, information are missing (like job title), some users are disabled, the default Home Space path is not the same for each user (ie some have /Company Home/User Homes/userA and some have /Company Home/userA) and lastly when I try to update their profile (and enable their accounts) in Share, I have the following error:
16:01:22,721 User:admin ERROR [web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 08010034 Wrapped Exception (wit
emplate): 08010033 Failed to execute script '/org/alfresco/repository/person/person.put.json.js (in classpath store file:C:/Alfresco/tomcat/webapps/alfresco/WEB
es/alfresco/templates/webscripts)': 08010032 User not found: USERNAME
org.alfresco.web.scripts.WebScriptException: 08010034 Wrapped Exception (with status template): 08010033 Failed to execute script '/org/alfresco/repository/pers
put.json.js (in classpath store file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts)': 08010032 User not found: USERNAME
        at org.alfresco.web.scripts.AbstractWebScript.createStatusException(AbstractWebScript.java:613)
        at org.alfresco.web.scripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:165)
        at org.alfresco.repo.web.scripts.RepositoryContainer$2.execute(RepositoryContainer.java:357)
        at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:326)
        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:407)
        at org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:424)
        at org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:288)
        at org.alfresco.web.scripts.AbstractRuntime.executeScript(AbstractRuntime.java:262)
        at org.alfresco.web.scripts.AbstractRuntime.executeScript(AbstractRuntime.java:139)
        at org.alfresco.web.scripts.servlet.WebScriptServlet.service(WebScriptServlet.java:122)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
        at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
        at java.lang.Thread.run(Thread.java:619)
Caused by: org.alfresco.scripts.ScriptException: 08010033 Failed to execute script '/org/alfresco/repository/person/person.put.json.js (in classpath store file:
o/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts)': 08010032 User not found: USERNAME
        at org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:178)
        at org.alfresco.repo.processor.ScriptServiceImpl.executeScript(ScriptServiceImpl.java:274)
        at org.alfresco.repo.web.scripts.RepositoryScriptProcessor.executeScript(RepositoryScriptProcessor.java:108)
        at org.alfresco.web.scripts.AbstractWebScript.executeScript(AbstractWebScript.java:819)
        at org.alfresco.web.scripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:90)
        … 21 more
Caused by: org.alfresco.repo.security.authentication.AuthenticationException: 08010032 User not found: USERNAME
        at org.alfresco.repo.security.authentication.RepositoryAuthenticationDao.setEnabled(RepositoryAuthenticationDao.java:563)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:95)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at $Proxy91.setEnabled(Unknown Source)
        at org.alfresco.repo.jscript.People.enableAccount(People.java:290)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:155)
        at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:243)
        at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:66)
        at org.mozilla.javascript.gen.c7._c1(file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/repository/pers
put.json.js:51)
        at org.mozilla.javascript.gen.c7.call(file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/repository/per
.put.json.js)
        at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:108)
        at org.mozilla.javascript.gen.c7._c0(file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/repository/pers
put.json.js:96)
        at org.mozilla.javascript.gen.c7.call(file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/repository/per
.put.json.js)
        at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:393)
        at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:2834)
        at org.mozilla.javascript.gen.c7.call(file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/repository/per
.put.json.js)
        at org.mozilla.javascript.gen.c7.exec(file:C:/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/repository/per
.put.json.js)
        at org.alfresco.repo.jscript.RhinoScriptProcessor.executeScriptImpl(RhinoScriptProcessor.java:457)
        at org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:174)
        … 25 more

However, when a user logs in for the first time in Share using his Windows credentials, then, the account becomes active and details can be updated.

I am completely puzzled and would greatly appreciate your insight on that matter. Let me know if you need more details on config/system/other.

Thanks,

Jonathan

Outcomes