AnsweredAssumed Answered

LDAP synch users

Question asked by cnihill on Feb 18, 2010
Latest reply on Mar 1, 2010 by dward
Hi,

I am aware that this topic has been covered in the post on
http://forums.alfresco.com/en/viewtopic.php?f=9&t=24552&p=81177&hilit=LDAP+empty+groups#p81177
but I am still having a problem.

I am trying to import a master group which contains sub groups and users.
With the config settings below however I am only importing the sub groups.
i am missing the users and the master group.

Can anyone see what is causing this?

Thanks,
Clem.


##NTLM
authentication.chain=passthru1:passthru,ldap1:ldap
ntlm.authentication.sso.enabled=true
passthru.authentication.domain=
passthru.authentication.useLocalServer=false
passthru.authentication.servers=MAILDOMAIN\\mail01
passthru.authentication.authenticateCIFS=true
passthru.authentication.defaultAdministratorUserNames=testuser1,testuser2

##LDAP
ldap.authentication.active=false
ldap.synchronization.active=true
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.java.naming.provider.url=ldap://ldapdomain.ie:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false

ldap.synchronization.java.naming.security.principal=CN\=testuser1,OU\=ICTL_ITSer_25,OU\=ITSer,OU\=ICTL,OU\=Users,DC\=Domain,DC\=ie
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.queryBatchSize=1000

##groupQuery
ldap.synchronization.groupQuery=(&(objectclass\=group)(|(cn\=Manuals Master Group,OU\=Security Groups,OU\=Global,OU\=Divisions,OU\=Manual,DC\=Domain,DC\=ie)(memberOf\=cn\=Manuals Master Group,OU\=Security Groups,OU\=Global,OU\=Divisions,OU\=Manual,DC\=Domain,DC\=ie)))

##differential Group Query
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(|(cn\=Manuals Master Group,OU\=Security Groups,OU\=Global,OU\=Divisions,OU\=Manual,DC\=Domain,DC\=ie)(memberOf\=CN\=Manuals Master Group,OU\=Security Groups,OU\=Global,OU\=Divisions,OU\=Manual,DC\=Domain,DC\=ie))(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=DC\=Domain,DC\=ie

##personQuery
ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf\=cn\=Manuals Master Group,OU\=Security Groups,OU\=Global,OU\=Divisions,OU\=Manual,DC=Domain,DC\=ie)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

##differential User Query
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(memberOf\=cn\=Manuals Master Group,OU\=Security Groups,OU\=Global,OU\=Divisions,OU\=Manual,DC\=Domain,DC\=ie)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))

ldap.synchronization.userSearchBase=DC\=Domain,DC\=ie

##settings


ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

Outcomes