AnsweredAssumed Answered

ldap-ad empty groups

Question asked by lvalero on Jan 26, 2010
Latest reply on Jun 9, 2010 by marcobusetto
Hello,

The user synchronization is ok, groups from active directory are created but they are empty, is it normal ?


root@hechix:/opt/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad# cat ldap-ad-authentication.properties
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=%s@domain
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://xx.xx.xx.x:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=alfrescoadm
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=aldap@gch.mycomp.ca
ldap.synchronization.java.naming.security.credentials=xxxxx
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf\=cn\=AlfrescoGroup,dc\=gch,dc\=mycomp,dc\=ca))
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf\=cn\=AlfrescoGroup,dc\=gch,dc\=mycomp,dc\=ca)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf\=cn\=AlfrescoGroup,dc\=gch,dc\=mycomp,dc\=ca))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf\=cn\=AlfrescoGroup,dc\=gch,dc\=mycomp,dc\=ca)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=dc\=gch,dc\=mycomp,dc\=ca
ldap.synchronization.userSearchBase=dc\=gch,dc\=mycomp,dc\=ca
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
synchronization.synchronizeChangesOnly=true

Regards.

Outcomes