AnsweredAssumed Answered

LDAP Synchronization with Alfresco 3.4d

Question asked by pnavinkumar on Apr 12, 2011
Latest reply on Jul 10, 2013 by bikash
Hi all

I am new to alfresco and I am trying to setup the LDAP Sync with 3.4d. I have been able to establish the login to my AD which is a win2003 server. But somehow synchronization doesn't seem to work for me.

Here is my configuration:

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

ldap.authentication.active=true
ldap.authentication.userNameFormat=%s
ldap.authentication.defaultAdministratorUserNames=admin
ldap.authentication.java.naming.provider.url=ldap://domainserver:389
ldap.authentication.java.naming.security.authentication=simple

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=ldap@itech.com
ldap.synchronization.java.naming.security.credentials=password

ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupSearchBase=ou\=Groups,dc\=itech,dc\=com
ldap.synchronization.userSearchBase=CN\=Users,dc\=itech,dc\=com
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'

ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=member


but the above configuration fails with the below error:

15:46:40,220 User:System ERROR [security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 03040000 User and group import failed

Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=itech,DC=com'
]; remaining name 'ou=Groups,dc=itech,dc=com'


Desperately looking for help on this. Hoping to get a response.

Thanks in advance.

Outcomes