AnsweredAssumed Answered

Alfresco authentication

Question asked by mudasar on Jul 6, 2011
Hi,

I am use Alfresco 3.4d and Zimbra 7. I just want that user authenticate from Zimbra openldap. All other attributes are loaded from alfresco.

For example.
I create a user in alfresco and define all its attributes(Name, groups, Home directory etc), and now just want that user authenticate from Zimbra.
Is that possible?

I have added following ldap entries

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=uid\=%s,ou\=use rs,dc\=XXXX,dc\=com
ldap.authentication.java.naming.factory.initial=co m.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://XXXXXXX:389
ldap.authentication.java.naming.security.authentic ation=DIGEST-MD5
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames= XXXXX
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principa l=uid\=XXX,cn\=XXXX,cn\=XXXX
ldap.synchronization.java.naming.security.credenti als=XXXXXX
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(objectclass\=grou pOfNames)
ldap.synchronization.groupDifferentialQuery=(&(obj ectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=ine tOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(ob jectclass\=inetOrgPerson)(!(modifyTimestamp<\={0}) ))
ldap.synchronization.groupSearchBase=ou\=groups,dc \=XXXX,dc\=com
ldap.synchronization.userSearchBase=ou\=people,dc\ =XXXXX,dc\=com
ldap.synchronization.modifyTimestampAttributeName= modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmms s'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=gi venName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttribute Name=o
ldap.synchronization.defaultHomeFolderProvider=use rHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=groupOfNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=memb er
ldap.synchronization.enableProgressEstimation=true

————————————————-

That generate following logs, its show that by using above setting alfresco is successfully communicating with zimbra, but i am not able to login alfresco by using zimbra password.

19:24:59,526 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Synchronizing users and groups with user registry 'ldap1'
19:24:59,538 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving all groups from user registry 'ldap1'
19:24:59,571 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Commencing batch of 0 entries
19:24:59,574 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 Group Analysis: Completed batch of 0 entries
19:24:59,587 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Retrieving users changed since Jan 14, 2009 11:25:51 PM from user registry 'ldap1'
19:24:59,598 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Commencing batch of 0 entries
19:24:59,599 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] ldap1 User Creation and Association: Completed batch of 0 entries
19:24:59,619 User:System INFO  [security.sync.ChainingUserRegistrySynchronizer] Finished synchronizing users and groups with user registry 'ldap1'

I have looking at the following forum that i really usefull but it import all users from zimbra to alfresco.

http://forums.alfresco.com/en/viewtopic.php?f=9&t=21698


Thanks
Mudasar
o2sp.com

Outcomes