AnsweredAssumed Answered

Passthru + LDAP + SSO

Question asked by nm_santos on Apr 26, 2012
Good afternoon,

I'm trying to use passthru for SSO Login and to use LDAP to get user details, like names, e-mail etc.

I've read that it is possible to do it.

Note: They both work well separately.

But with my configuration, I always get this error:

org.alfresco.error.AlfrescoRuntimeException: 03260000 User and group import failed
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1141)
   at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getGroups(LDAPUserRegistry.java:667)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:618)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:434)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$6.doWork(ChainingUserRegistrySynchronizer.java:1529)
   at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:508)
   at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.onBootstrap(ChainingUserRegistrySynchronizer.java:1523)
   at org.springframework.extensions.surf.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:56)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.alfresco.repo.management.subsystems.ChildApplicationContextFactory$ApplicationContextState.start(ChildApplicationContextFactory.java:624)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.start(AbstractPropertyBackedBean.java:458)
   at org.alfresco.repo.management.subsystems.AbstractPropertyBackedBean.onApplicationEvent(AbstractPropertyBackedBean.java:386)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:97)
   at org.alfresco.repo.management.SafeApplicationEventMulticaster.multicastEvent(SafeApplicationEventMulticaster.java:78)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:294)
   at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:858)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:419)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:261)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:192)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:47)
   at org.alfresco.web.app.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:63)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4135)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4630)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:546)
   at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:637)
   at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:563)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:498)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1277)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:321)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
   at org.apache.catalina.core.StandardService.start(StandardService.java:519)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

Here is my alfresco properties file:



###############################
## Common Alfresco Properties #
###############################

dir.root=D:/Alfresco/alf_data

web.application.context.url=http://dt106846:8080/alfresco

### database connection properties ###
db.driver=org.postgresql.Driver
db.username=alfresco
db.password=ADMIN
db.name=alfresco
db.url=jdbc:postgresql://localhost:5432/${db.name}

### FTP Server Configuration ###
ftp.enabled=true
ftp.port=21
ftp.ipv6.enabled=false

### RMI service ports ###
alfresco.rmi.services.port=50500
avm.rmi.service.port=0
avmsync.rmi.service.port=0
attribute.rmi.service.port=0
authentication.rmi.service.port=0
repo.rmi.service.port=0
action.rmi.service.port=0
deployment.rmi.service.port=0

### External executable locations ###
ooo.exe=D:/Alfresco/openoffice/App/openoffice/program/soffice.exe
ooo.enabled=true
ooo.port=8100
img.root=D:/Alfresco/imagemagick
img.dyn=${img.root}/lib
img.exe=${img.root}/convert
swf.exe=D:/Alfresco/swftools/pdf2swf.exe
jodconverter.enabled=false
jodconverter.officeHome=D:/Alfresco/openoffice/App/openoffice
jodconverter.portNumbers=8100

### Initial admin password ###
alfresco_user_store.adminpassword=11a01c4a0f2f228796c93fa0ca1a634d


### Authentication ###

authentication.chain=passthru1:passthru,ldap1:ldap-ad

ntlm.authentication.sso.enabled=true

alfresco.authentication.authenticateCIFS=false

passthru.authentication.useLocalServer=false
passthru.authentication.domain=#
passthru.authentication.servers=NUNO\\ADPTL201,NUNO\\ADPTL202,NUNO\\ADPTL203
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=nb19200

#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000

#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=false
passthru.authentication.authenticateFTP=false

ldap.authentication.active=false
ldap.synchronization.active=true

ldap.authentication.userNameFormat=%s@nuno.intra
ldap.authentication.java.naming.provider.url=ldap://adptl201.nuno.intra:3268
ldap.authentication.defaultAdministratorUserNames=nb19200

ldap.synchronization.java.naming.security.principal=nb19200   
ldap.synchronization.java.naming.security.credentials=
ldap.synchronization.groupSearchBase=cn\=Users,dc\=nuno,dc=intra
ldap.synchronization.userSearchBase=cn\=Users,dc\=nuno,dc=intra

Can someone point me in the right direction?

Thanks in advance,
Nuno.

Outcomes