[LDAP] User sync at connection

Question asked by piski on Jan 13, 2010
Latest reply on Feb 7, 2011 by mjjn
Hi everybody,

I've installed a test environment (WebClient+Share) with these features:
- Authentication passthru, SSO
- CIFS, FTP, WebDAV

SSO authentication doesn't automatically give me the fields from my Active Directory (lastname, firstname, mail …). I've installed LDAP-AD sync (not authentication). All works fine.

After several tests, sync launches itself at Alfresco startup. So I found and set the parameter:
synchronization.syncOnStartup=false

As I want a new user (unknown to Alfresco) to be created automatically, with information from AD, I also set:

# Should we trigger a differential sync when missing people log in?
synchronization.syncWhenMissingPeopleLogIn=false

# Should we auto create a missing person on log in?
synchronization.autoCreatePeopleOnLogin=true


My problem: when an unknown user tries to connect, sync launches itself across my whole AD (configured in synchronization.groupSearchBase & synchronization.userSearchBase).

I don't want to sync all my AD users (I want only new unknown users who try to connect at least once).
I want to create only this user and pick up his AD information at his connection.

I've tried (unsuccessfully):
synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(sAMAccountName\=%s))
or
synchronization.userSearchBase=DC\=my,DC\=organization,DC\=infos,DC\=com,sAMAccountName\=%s

If it is possible, how?

Any help would be welcome.
