AnsweredAssumed Answered

Alfresco Community 201704 | LDAP and Apache Directory Studio | alfresco-global.properties

Question asked by fmatias on May 23, 2017
Latest reply on May 24, 2017 by mehe

Hi guys,
I'm facing some difficulties to configure the Alfresco Community 201704 with LDAP using the Apache Directory Studio. I read in some foruns a lot of different ways configure these two solutions, one for 201704 version and others for older versions of Alfresco.

I was in the topic alfresco - Ldap and alfresco 5.2 synchronization - Stack Overflow, but even doing the changes only for my server, still I hadn't success to use the users and passwords from Apache Directory Studio, that in another application is working well.
I pasted down below the code that I put in the file "alfresco-global.properties" in \Alfresco\tomcat\shared\classes\.

 

### LDAP connection ###
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad

ntlm.authentication.sso.enabled=false
ldap.synchronization.java.naming.security.authentication=simple

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=uid=%s,ou=users,ou=system
ldap.authentication.java.naming.provider.url=[MYDOMAIN]
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco, admin
ldap.synchronization.java.naming.security.principal=uid=admin,ou=system
ldap.synchronization.java.naming.security.credentials=[MYPASSWORD]
ldap.synchronization.active=true

#ldap.synchronization.groupQuery=(objectclass=groupOfNames)
#ldap.synchronization.groupDifferentialQuery=(&(objectclass=groupOfNames)(!(modifyTimestamp<\={0})))

#ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
#ldap.synchronization.personDifferentialQuery=(&(objectclass=inetOrgPerson)(!(modifyTimestamp<\={0})))

# Group
ldap.synchronization.groupSearchBase=ou=groups,ou=system

# User
ldap.synchronization.userSearchBase=ou=users,ou=system
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail

# Sync
synchronization.synchronizeChangesOnly=false
synchronization.allowDeletions=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.syncOnStartup=true
synchronization.import.cron=0 */15 * * * ?
create.missing.people=false

 

So, if you have any idea what is happining I'll be glad to know your answer and help.

 

Thanks in advance.

 

Fábio

Outcomes