AnsweredAssumed Answered

ldap synchronization take all users

Question asked by mmuller on Aug 9, 2010
Latest reply on Aug 9, 2010 by mmuller
I have alfresco 3.3

And i wish to use ldap synchronization.

In my ldap-synchronization-proporties i've set all variables and in row with person type ldap I've set inetOrgPerson

Now I have ldap.synchronization.personType=inetOrgPerson

but my afresco takie from ldap all users with type class inetOrgPerson and users without class inetOrgPerson.

but it isnt one problem because Alfresco takes the group and uses them as a user and at the same time as your group account

What is wrong ?


ldap.authentication.active=true
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=cn=%s,ou=dyrekcja,ou=bet-edu,o=bet-hol
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://10.10.20.3:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=mmuller
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=cn=ldapuser,ou=SERVICES,ou=BET-EDU,o=BET-HOL
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.queryBatchSize=0
ldap.synchronization.attributeBatchSize=0
ldap.synchronization.groupQuery=(&(description=*Alfresco*)(objectclass=groupOfUniqueNames))
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=o\=BET-HOL
ldap.synchronization.userSearchBase=o\=BET-HOL
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=cn
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o\=bet-hol
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=cn
ldap.synchronization.groupType=groupOfUniqueNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true

Outcomes