
LDAP filtering issue in Alfresco 4.0E Community

Question asked by haas71 on Sep 27, 2012
Latest reply on Oct 9, 2012 by sharifu
Hello,

I was able to get AD LDAP auth enabled in Alfresco 4.0E and log on. However, I have been searching Google and this site for an answer to why my Profiles are not populating with the user's information in Alfresco from AD. Is there an XML file I need to edit as well? I am able to log on to Alfresco fine. However, when I go to edit my profile, just my AD user ID shows up in "First Name" under about. No other fields are populated. I have downloaded an LDAP browser on my PC. I have the search group starting at the domain level. I'm assuming Alfresco will search the entire subtree. Well, I probably couldn't log on if it didn't. I am attaching the code for your viewing. I also looked at the "Alfresco.log" file and there were no errors pertaining to LDAP auth.
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap
ntlm.authentication.sso.enabled=false
ntlm.authentication.authenticateCIFS=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=false
passthru.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=true
ldap.authentication.active=false
ldap.synchronization.active=true
passthru.authentication.useLocalServer=false
passthru.authentication.domain=ACME
passthru.authentication.servers=ACME\\10.16.X.X
ntlm.authentication.sso.enables=false
ntlm.authentication.mapUnknownUserToGuest=false
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=BUGS
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s@ACME.DOMAIN.org
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://DC1.ACME.DOMAIN.org:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.synchronization.java.naming.security.principal=admin@acme.domain.org
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=2000
ldap.synchronization.groupSearchBase=DC=ACME,DC=DOMAIN,DC=ORG
ldap.synchronization.userSearchBase=DC=ACME,DC=DOMAIN,DC=ORG
ldap.synchronisation.personQuery=(&(!(userAccountControl:1.2.840.113556.1.4.803:=2))(givenName=*)(sn=*)(mail=*)(company=*))
ldap.synchronisation.userIdAttributeName=sAMAccountName
ldap.synchronisation.userFirstNameAttributeName=givenName
ldap.synchronisation.userLastNameAttributeName=sn
ldap.synchronisation.userOrganizationalIdAttributeName=company
ldap.synchronisation.groupQuery=(&(objectclass=group)(grouptype=-2147483646))
ldap.synchronisation.groupIdAttributeName=cn
ldap.synchronisation.personType=user
ldap.synchronisation.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=true
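
A properties lint for a file like the one posted above, as an added example that is not part of the original post or of Alfresco. It assumes the four prefixes in `KNOWN_PREFIXES` are the ones the authentication subsystems read, and it flags keys whose prefix is one character off from those, key pairs that differ by a single character, and a `simple` bind configured against a plain `ldap://` URL, where the bind password is not protected by TLS.

```python
from urllib.parse import urlparse

# Assumption of this example: these are the prefixes the auth subsystems read.
KNOWN_PREFIXES = ("ldap.authentication.", "ldap.synchronization.",
                  "ntlm.authentication.", "passthru.authentication.")

# Excerpt of the properties posted above.
SAMPLE = """\
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.java.naming.provider.url=ldap://DC1.ACME.DOMAIN.org:389
ldap.synchronization.userSearchBase=DC=ACME,DC=DOMAIN,DC=ORG
ldap.synchronisation.personQuery=(&(!(userAccountControl:1.2.840.113556.1.4.803:=2))(givenName=*)(sn=*)(mail=*)(company=*))
ldap.synchronisation.userFirstNameAttributeName=givenName
ntlm.authentication.sso.enabled=false
ntlm.authentication.sso.enables=false
"""

def parse(text):
    """Parse key=value lines; the value may itself contain '='."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def one_off(a, b):
    """True when a and b have equal length and differ in exactly one character."""
    return len(a) == len(b) and sum(x != y for x, y in zip(a, b)) == 1

def lint(text):
    props, findings = parse(text), []
    keys = sorted(props)
    for key in keys:
        # Compare the first two dotted components against the known prefixes.
        prefix = ".".join(key.split(".")[:2]) + "."
        for known in KNOWN_PREFIXES:
            if one_off(prefix, known):
                findings.append(("prefix", key, known))
    for i, a in enumerate(keys):
        for b in keys[i + 1:]:
            if one_off(a, b):
                findings.append(("near-duplicate", a, b))
    url = props.get("ldap.authentication.java.naming.provider.url", "")
    mech = props.get("ldap.authentication.java.naming.security.authentication", "")
    if urlparse(url).scheme == "ldap" and mech == "simple":
        findings.append(("cleartext-bind", url, mech))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(*finding, sep=" | ")
```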
