AnsweredAssumed Answered

LDAP Authentication gets in the way of 'new user'

Question asked by arnieaustin on Aug 30, 2010
Latest reply on Aug 31, 2010 by arnieaustin
I've been reading the forums and manuals and getting really confused.

I want to use LDAP for authentication ONLY. I don't want to sync anything, I don't want to use an AD Domain for authentication or pass through or anything else.

I have LDAP connected and working just fine - but now that it is working - I cannot add any more users to Alfresco:

Failed to create Person due to error: 07300003 Unable to create authentication as there is no suitable authentication service.

This has got to be a wrong error message for the situation. How can there NOT be a "suitable authentication service" when I used LDAP to get into the system in the first place?!?!

I want to be able to add users to Alfresco MANUALLY but they will need to authenticate via LDAP no matter the client - web, share, cifs.

Is this setup not possible? My configuration settings follow:

#authentication.chain=alfrescoNtlm1:alfrescoNtlm
# authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap
authentication.chain=ldap1:ldap

#ntlm.authentication.sso.enabled=false
#ntlm.authentication.mapUnknownUserToGuest=false
alfresco.authentication.authenticateCIFS=true

#passthru.authentication.authenticateCIFS=false
#passthru.authentication.userLocalServer=false
#passthru.authentication.domain=tagad
#passthru.authentication.authenticateFTP=true
#passthru.authentication.guestAccess=false

ldap.authentication.active=true
ldap.synchronization.active=false

alfresco.authentication.allowGuestLogin=false

ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://idv1.oag.state.tx.us:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.java.naming.security.principal=portalsystem
ldap.authentication.java.naming.security.credentials=portalsystem
ldap.authentication.userNameFormat=cn=%s,ou=al,ou=employees,ou=people,o=idv
ldap.authentication.allowGuestLogin=false
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false

Outcomes