AnsweredAssumed Answered

Restrict some users from LDAP-AD to login in alfresco

Question asked by valter_85 on Aug 1, 2012
Latest reply on Aug 17, 2012 by valter_85
hello,

I have a small problem in my ldap-ad sync groups.
I have created a group in ldap which I want to be able to login in alfresco, in order to restrict the remaing users that are not part of the group to login in alfresco and therefore have access to alfresco.
the problem is that everyone who has an account in ladp can login in alfresco, so I believe that my ldap configs are not correct.
in my ldap-ad-authentication.properties file I have the following:


# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=group)(|(cn=testUsers)(memberOf\=cn=grupo_teste,dc=alfteste,dc=local))

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(|(cn=testUsers)(memberOf\=cn=grupo_teste,dc=alfteste,dc=local))(!(modifyTimestamp<\={0})))

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))

### The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
#ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Alfresco,dc=alfteste,dc=local
ldap.synchronization.groupSearchBase=cn=testUsers

### The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=cn=testUsers

I'm thinking if it is in this file that I have to config those restrictions??
Does anyone had this problem? How can I solve it??

thanks in advance.

valter

ps:  my alfresco version is the Community 3.4d on windows 7.

Outcomes