Unable to configure LDAP-AD in Community 4.2

Question asked by cos on Mar 21, 2014
Latest reply on Apr 7, 2014 by cos
Hi everybody

I'm trying to connect to a W2008 Server ActiveDirectory, but after reading the documentation, the blog, the wiki… I'm still confused and it doesn't work. And nothing appears in the log files. What exactly do I need to do?

I modified the file "/alfresco/tomcat/shared/classes/alfresco-global.properties" adding the following

*/****************************************
#authentication chain
authentication.chain=ldap1:ldap-ad,alfrescoNtlm1:alfrescoNtlm

#LDAP configuration
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@MYDOMAIN.ES
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://172.16.29.130:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=me@MYDOMAIN.es
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000
ldap.synchronization.groupQuery=(objectclass\=MYGROUP)
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=MYGROUP)(!(whenChanged<\={0})))
ldap.synchronization.personQuery=(&(objectclass\=Users)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=Users)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(whenChanged<\={0})))
ldap.synchronization.groupSearchBase=dc=CSG,dc=ES
ldap.synchronization.userSearchBase=ou\=User Accounts,dc=XX,dc=XX
ldap.synchronization.modifyTimestampAttributeName=whenChanged
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=userPrincipalName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
ldap.authentication.java.naming.read.timeout=0
***********************************


I also used the file "/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldad-ad/ldap1/ldap-ad-authentication.properties" with the same lines, and nothing.

Best regards
Gonzalo Arroyo
