AnsweredAssumed Answered

auth against active directoy using ldaps

Question asked by elmuchacho on Oct 2, 2009
Latest reply on Nov 5, 2009 by elmuchacho
i found some informations about this by searching this forum and reading the wiki …

I have an ubuntu 8.04 LTS system with running alfresco on it …
Right now it works by using alfresco's local user db

I would like to login to alfresco by using my MS Active Directory credentials.
the ldap-connection is established (ldapsearch works)
now i need to configure the alfresco global properties file:
my 1st try will go like this:
### AUTH against MS-ADS
authentication.chain=passthru1:passthru,ldap1:ldap-ad
ldap.authentication.active=false
passthru.authentication.domain=
passthru.authentication.servers=test\\srv.test.local,srv.test.local
passthru.authentication.defaultAdministratorUserNames=administrator
ldap.authentication.java.naming.provider.url=ldap://srv.test.local:389
ldap.authentication.userNameFormat=%s@test.local
ldap.synchronization.java.naming.security.principal=administrator@test.local
ldap.synchronization.java.naming.security.credentials=verysecret
ldap.synchronization.groupSearchBase=ou=alfresco,dc=test,dc=local
ldap.synchronization.userSearchBase=ou=alfresco,dc=test,dc=local

is this really all, what needs to be configured in alfresco in order to auth against an Win2k3 server with running AD?

after reboot (/etc/init.d/tomcat6 restart wont work) i can login with my AD credentials …
and if changing my passwd in AD, alfresco login uses the new credentials …

but if i create a new user in AD this user can't login to alfresco …

so i need to add the user twice ?! In AD and Alfresco?

Outcomes