AnsweredAssumed Answered

LDAP users disabled so cannot login

Question asked by barbaro on Aug 26, 2015
Latest reply on Aug 27, 2015 by barbaro
Hi to all!
  I'm a new user of Alfresco and I'm trying to integrate on a Windows Server 2008 machine a fresh istance with our LDAP - Active Directory.
After a lot of google reads and tests I was able to make Alfresco read my AD user but it is always disabled, so I'm not able to login with it.

So I'll share with you the content of alfresco-global.properties.sample (I've substituted only the references to our internal names of servers and users):

ldap.authentication.active=true
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad

ntlm.authentication.sso.enabled=false

ldap.authentication.userNameFormat=%s@<domain>.local
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.security.authentication=SIMPLE
ldap.authentication.java.naming.read.timeout=30000
ldap.authentication.java.naming.provider.url=ldap://<server>:389

### LDAP Synchronization ###
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=<user>@<domain>.local
ldap.synchronization.java.naming.security.credentials=<pass>
ldap.synchronization.groupSearchBase=OU\=Sistemi Informativi…
ldap.synchronization.userSearchBase=OU\=Sistemi Informativi…
ldap.synchronization.userEmailAttributeName=mail

This is the relevant part, is there someone of you who could help me understand where I'm wrong?
Moreover, is there a way to make the logs more verbose and trace my login failure attempts?

Thanks in advance,
Marco

Outcomes