AnsweredAssumed Answered

Is there a better way to sync the active directory groups in LDAP queries

Question asked by hsturner on Feb 5, 2016
Latest reply on Jul 13, 2016 by hsturner
Hi I am trying to find an easier way to sync active directory groups.  We currently have to add the new group name to the LDAP queries and restart the alfresco service to get the new users to synch.  Is there a better way to do this so we don't have to add in the group name and restart the service every time?

I have tried:
ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf=ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca))
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf=ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca))
ldap.synchronization.personQuery=(&(objectclass\=user)(|(memberOf=ou\=Alfresco Groups,ou\=Security_Groups,dc\=pblp,dc\=ca(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(|(memberOf=ou\=Alfresco Groups,ou\=Security_Groups,dc\=pblp,dc\=ca(userAccountControl\:1.2.840.113556.1.4.803\:\=512))


But I received no group or users synching to alfresco

Here is the current LDAP Queries that do synch groups and users:
ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf=cn\=ERP_Alfresco,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca))
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf=CN\=ERP_Alfresco,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca))


ldap.synchronization.personQuery=(&(objectclass\=user)(|(memberOf=cn\=ERP_Alfresco,ou\=Alfresco Groups,ou\=Security_Groups,dc\=pblp,dc\=ca)(memberOf=cn\=Alfresco_TAD,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ITI,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ITS,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_MSG,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ERP_Project_Admin,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ERP_Project_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ERP_Project_User,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Planning_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Planning_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_FIN,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_HR_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_HR_Manager,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Lab_Managers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Lab_Supervisors,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Lab_Techs,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Marketing_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Collaborator, ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Planner_Coordinators,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Gen_Transfer_Managers, ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Gen_Transfer_Release,ou\=Alfresco Groups, ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Gen,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ITD,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Consumers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Contributors,ou\=Alfresco Groups, ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Managers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_LMS_Manager,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_Site_Managers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_ITD_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_LMS_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_Ops_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(|(memberOf=cn\=ERP_Alfresco,ou\=Alfresco Groups,ou\=Security_Groups,dc\=pblp,dc\=ca)(memberOf=cn\=Alfresco_TAD,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ITI,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ITS,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_MSG,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ERP_Project_Admin,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ERP_Project_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ERP_Project_User,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp.dc\=ca)(memberOf=CN\=Alfresco_Game_Planning_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Planning_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_FIN,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_HR_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_HR_Manager,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Lab_Managers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Lab_Supervisors,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Lab_Techs,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Marketing_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Collaborator,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Planner_Coordinators,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Gen_Transfer_Managers, ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Gen_Transfer_Release,ou\=Alfresco Groups, ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Game_Gen,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_ITD,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Consumers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Contributors,ou\=Alfresco Groups, ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Business_Development_Managers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_LMS_Manager,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_Site_Managers,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_ITD_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_LMS_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca)(memberOf=CN\=Alfresco_Second_Chance_Ops_Consumer,ou\=Alfresco Groups,ou\=Security Groups,dc\=pblp,dc\=ca))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

Outcomes