AnsweredAssumed Answered

Alfresco - Active Directory

Question asked by angymar on Aug 13, 2012
Latest reply on Sep 23, 2013 by oskar201
Hola a todos, despues de algunos intentos para sincronizar Alfresco con Aactive Directory lo he conseguido y dejo aqui las lineas que s edebe aumentar el el alfresco-global.properties por si a alguien le sirve:

authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap-ad

ntlm.authentication.sso.enabled=false
ntlm.authentication.authenticateCIFS=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=true
passthru.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=false
ldap.authentication.active=false
ldap.synchronization.active=true
###Autenticación del dominio
passthru.authentication.useLocalServer=false
passthru.authentication.domain=nombre-de-tu-maquina.tu-dominio
passthru.authentication.servers=ip-de-tu-servidor-de-dominio
ntlm.authentication.mapUnknownUserToGuest=true
passthru.authentication.authenticateFTP=false
passthru.authentication.guestAccess=true
passthru.authentication.defaultAdministratorUserNames=administrador-de-tu-dominio
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s@tu-dominio
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://ip-de-tu-servidor-de-dominio:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=administrador@tu-dominio
ldap.synchronization.java.naming.security.credentials=passwor-administrador
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupDifferentialQuery=(&(objectclass=nogroup)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(& (objectclass=user)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupSearchBase=dc\=tu-dominio,dc\=tu-dominio
ldap.synchronization.userSearchBase=dc\=tu-dominio,dc\=tu-dominio
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=Nogroup
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=true

Saludos

Outcomes