AnsweredAssumed Answered

Authentication and Syncronization using ldap

Question asked by cristina.aragon on Mar 17, 2011
Hi all!

I´m trying to Authenticate against an openldap server and want to syncronize those users and groups from ldap to alfresco.
My question is: Can I authenticate using DIGEST-MD5 (supported by the ldap server) and syncronize using simple mechanism? The reason is that in my alfresco.log file, when I use DIGEST-MD5 for both authentication and syncronization systems, the Authentication system starts ok:

Startup of 'Authentication' subsystem, ID: [Authentication, managed, ldap1] complete

but I can´t say the same for Syncronization:

12:14:48,898 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [Synchronization, default]
12:14:48,907 INFO  [org.alfresco.config.FixedPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/version.properties]
12:14:48,907 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
12:14:48,907 INFO  [org.alfresco.config.FixedPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/domain/cache-strategies.properties]
12:14:48,907 INFO  [org.alfresco.config.FixedPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/module/org.alfresco.module.vti/context/vti.properties]
12:14:48,907 INFO  [org.alfresco.config.FixedPropertyPlaceholderConfigurer] Loading properties file from URL [file:/Alfresco/tomcat/shared/classes/alfresco/extension/custom-vti.properties]
12:14:48,928 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'
12:14:48,933 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'
12:14:48,960 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to error
org.alfresco.repo.security.authentication.AuthenticationException: 02170000 Unable to connect to LDAP Server; check LDAP configuration
        at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.buildInitialDirContext(LDAPInitialDirContextFactoryImpl.java:118)
        at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:89)
        at org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl.getDefaultIntialDirContext(LDAPInitialDirContextFactoryImpl.java:82)
        at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry$3.<init>(LDAPUserRegistry.java:670)
……


So I´ve thought that may be if I change:
ldap.synchronization.java.naming.security.authentication=simple
may be it works ….

(I´m connecting to the secure port 636 because my ldap admin don´t let accesing to 389).

Thanks in advance!
Cristina

Outcomes