AnsweredAssumed Answered

Alfresco Community 5.0d sync with Active Directory

Question asked by ccandreva on Jun 15, 2015
Latest reply on Jun 17, 2015 by borisstankov
I've run into an error setting up active directory sync that my searching has not been able to unwind:

benchmarkeducation.ny is a domain that resolves only on our internal network .  Any pointers greatly appreciated.



2015-06-15 17:10:00,363 INFO  [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-5] Retrieving all groups from user registry 'ldap-ad1'
2015-06-15 17:10:00,370 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] [DefaultScheduler_Worker-5] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 05150031 Error during LDAP Search. Reason:[LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:
        'DC=benchmarkeducation,DC=ny'


Here is the relevant configuration section:

authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru,ldap-ad1:ldap-ad
#Auth done via passthrough in another config file, will move here later:

alfresco.authentication.authenticateCIFS=false
ldap.authentication.active=false
ldap.synchronization.active=true
synchronization.import.cron=0 0/10 9-18 ? * MON-FRI
#synchronization.allowDeletions=true
synchronization.syncOnStartup=true
ldap.authentication.java.naming.provider.url=ldap://benchmarkeducation.ny:389
ldap.synchronization.java.naming.security.principal=BENCHMARK\\SA_Alfresco
ldap.synchronization.java.naming.security.credentials=************
ldap.synchronization.groupSearchBase=cn\=Groups,dc\=benchmarkeducation,dc\=ny
ldap.synchronization.userSearchBase=cn\=BEC-users,dc\=benchmarkeducation,dc\=ny
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProviderldap.synchronization.groupIdAttributeName\=cn
#ldap.synchronization.groupType=Nogroup
ldap.synchronization.personType=user
#ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=false

Outcomes