AnsweredAssumed Answered

LDAP-AD und Alfresco synchronisieren nicht miteinander

Question asked by njuettner_4133 on Mar 16, 2010
Latest reply on Apr 13, 2010 by njuettner_4133
hallo zusammen,

ich bin langsam echt verzweifelt, ich weiß nicht wieviele stunden ich jetzt vor diesem problem sitze und einfach nicht weiterkomme.

SOLL-Zustand: Ich möchte das Alfresco sich mit dem LDAP-AD synchronisiert. Authentifizierung funktioniert über NTLM.

IST-Zustand: Er findet weder Benutzer noch Gruppen die er synchroniseren kann. Authentifizierung funktioniert über NTLM.


Folgende Einstellungen habe ich vorgenommen:

alfresco-global.properties:

authentication.chain=passthru1:passthru,ldap-ad1:ldap-ad

ldap-ad Properties:


# LDAP Sync
#
# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsytem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=false
ldap.authentication.java.naming.security.authentication=simple

# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=true
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.provider.url=ldap://<IP-Adresse>:389

# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.java.naming.security.principal=alfresco@DOMAIN

# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=SECRET

# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=1000

ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf\=OU\=Alfresco Gruppen,OU\=Mitarbeiter,DC\=DOMAIN,DC\=de))

ldap.synchronization.personQuery=(&(objectclass\=user)(memberOf\=OU\=Alfresco Benutzer,OU\=Mitarbeiter,DC\=DOMAIN,DC\=de))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

ldap.synchronization.groupSearchBase=OU\=Mitarbeiter,DC\=DOMAIN,DC\=de
ldap.synchronization.userSearchBase=OU\=Mitarbeiter,DC\=DOMAIN,DC\=de

# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=sAMAccountName

# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName

# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn

# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail

# The attribute on person objects in LDAP to map to the organizational id  property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=company

# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

ldap.synchronization.groupMemberAttributeName=member

synchronization.synchronizeChangesOnly=false

passthru Properties:

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=DOMAIN\\<IP-Adressen>
ntlm.authentication.sso.enabled=true
alfresco.authentication.allowGuestLogin=false
ntlm.authentication.mapUnknownUserToGuest=false
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=false
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=Administrator

Achso hier noch der Auszug der alfresco.log:

11:46:39,826 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/repository.properties]
11:46:39,826 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/domain/transaction.properties]
11:46:39,826 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from URL [file:/C:/Alfresco/tomcat/shared/classes/alfresco-global.properties]
11:46:39,935 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:46:48,639 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from file [C:\Alfresco\tomcat\shared\classes\alfresco\extension\subsystems\Authentication\passthru\passthru1\changes.properties]
11:46:48,639 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from file [C:\Alfresco\tomcat\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ad\ldap-ad1\changes.properties]
11:46:50,718 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from file [C:\Alfresco\tomcat\shared\classes\alfresco\extension\subsystems\fileServers\default\default\changes.properties]
11:47:03,578 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
11:47:05,437 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] No changes were made to the schema.
11:47:06,234 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'sysAdmin' subsystem, ID: [sysAdmin, default]
11:47:06,484 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:06,484 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'sysAdmin' subsystem, ID: [sysAdmin, default] complete
11:47:08,844 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'thirdparty' subsystem, ID: [thirdparty, default]
11:47:08,859 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:09,578 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'thirdparty' subsystem, ID: [thirdparty, default] complete
11:47:09,656 INFO  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: C:\Alfresco\alf_data
11:47:09,688 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] Checking for patches to apply …
11:47:10,141 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] No patches were required.
11:47:10,141 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Found 0 module(s).
11:47:10,203 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'fileServers' subsystem, ID: [fileServers, default]
11:47:10,219 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:10,781 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [Authentication, managed, passthru1]
11:47:10,828 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:11,375 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [Authentication, managed, passthru1] complete
11:47:11,375 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [Authentication, managed, ldap-ad1]
11:47:11,391 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:11,531 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap-ad1] complete
11:47:11,547 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [fileServers, default] complete
11:47:11,547 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'imap' subsystem, ID: [imap, default]
11:47:11,594 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:11,641 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'imap' subsystem, ID: [imap, default] complete
11:47:11,641 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] Enabled - calculate missing user usages …
11:47:11,641 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] Found 0 users to recalculate
11:47:11,641 INFO  [org.alfresco.repo.usage.UserUsageTrackingComponent] … calculated missing usages for 0 users
11:47:11,641 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [Synchronization, default]
11:47:11,922 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:11,985 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap-ad1'
11:47:12,000 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving groups changed since 15.03.2010 15:09:50 from user registry 'ldap-ad1'
11:47:12,047 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 Group Analysis: Commencing batch of 0 entries
11:47:12,047 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 Group Analysis: Completed batch of 0 entries
11:47:12,047 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving users changed since 16.03.2010 09:18:37 from user registry 'ldap-ad1'
11:47:12,063 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 User Creation and Association: Commencing batch of 0 entries
11:47:12,078 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] ldap-ad1 User Creation and Association: Completed batch of 0 entries
11:47:12,078 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap-ad1'
11:47:12,078 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] 0 user(s) and 0 group(s) processed
11:47:12,094 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [Synchronization, default] complete
11:47:12,328 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_16-b01; maximum heap size 989,875MB
11:47:12,328 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Community): Current version 3.2.0 (r2 2440) schema 3300 - Originally installed version 3.2.0 (r2 2440) schema 3300
11:47:29,517 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'wcm_deployment_receiver' subsystem, ID: [wcm_deployment_receiver, default]
11:47:29,533 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:47:29,595 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'wcm_deployment_receiver' subsystem, ID: [wcm_deployment_receiver, default] complete
11:47:31,736 INFO  [org.alfresco.config.JBossEnabledWebApplicationContext] Refreshing org.alfresco.config.JBossEnabledWebApplicationContext@135bc2a6: display name [Root WebApplicationContext]; startup date [Tue Mar 16 11:47:31 CET 2010]; root of context hierarchy
11:47:32,095 INFO  [org.alfresco.config.JBossEnabledWebApplicationContext] Bean factory for application context [org.alfresco.config.JBossEnabledWebApplicationContext@135bc2a6]: org.springframework.beans.factory.support.DefaultListableBeanFactory@5fc431e1
11:47:33,267 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 22 Web Scripts (+0 failed), 24 URLs
11:47:33,283 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised Presentation Web Script Container (in 188.89691ms)
11:47:33,361 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 40 Web Scripts (+0 failed), 42 URLs
11:47:33,361 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised WebFramework Web Script Container (in 79.564865ms)
11:47:33,424 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework
11:47:36,408 INFO  [org.alfresco.web.site.servlet.NTLMAuthenticationFilter] NTLMAuthenticationFilter initialised.
11:47:36,424 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework

Sagt mir bitte was ich falsch mache?

Outcomes