AnsweredAssumed Answered

ldap-ad sync does not add synced users to the synced groups

Question asked by brazen on Mar 24, 2011
This is Alfresco 3.4d against a Windows 2008 R2 domain.

The user's get synched and the groups get synched to Alfresco, but the users are not members of the groups in Alfresco even though they are members of the groups in Active Directory.  Shouldn't the users get put in their same groups from active directory?

Here is my ldap-ad1.properties:

### LDAP-AD synchronizing ###
ldap.synchronization.active=true
# see bottom of file for stuff I'll probably want to change

### LDAP-AD authentication ###
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=false
ldap.authentication.defaultAdministratorUserNames=

### Synchronization - Domain Specific Settings ###
ldap.synchronization.java.naming.security.principal=sync_user@company.com
ldap.synchronization.java.naming.security.credentials=lskdjw09u8lksdjf

### Authentication - Domain Specific Settings ###
ldap.authentication.userNameFormat=%s@company.com
ldap.authentication.java.naming.provider.url=ldap://company.com:389


### Sync Queries ###################################################################################

ldap.synchronization.groupSearchBase=ou\=Security Groups,ou\=Groups,ou\=Everything,dc\=company,dc\=com
ldap.synchronization.userSearchBase=ou\=User Accounts,ou\=Everything,dc\=company,dc\=com

I'm not sure if this is an Alfresco issue, or if maybe it has something to do with the query results from Window 2008 R2.

Outcomes