AnsweredAssumed Answered

Not able to Login during LDAP AD Integration

Question asked by raghunandangowda on Apr 23, 2018
Latest reply on Apr 28, 2018 by cesarista

Hi,

I've used the below code for the LDAP AD Integration. Problem which I'm facing is: I'm not able to login, it is showing "Unable to Connect" when I click on Login button. I mentioned the LDAP URL in the below code.

Please, tell where I'm supposed to change to make it right in my code. I didn't get this since I'm new to Alfresco and LDAP Integration.

And Please clear me about this LDAP authentication flow.

 

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=raghunandan.p@xyz.com
## ,ou\=people,dc\=xyz,dc\=com

ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url="ldap://xyzexchsvr.xyz.com:389"
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=true
ldap.authentication.escapeCommasInUid=true
ldap.authentication.defaultAdministratorUserNames=admin,raghunandan
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=raghunandan.p@xyz.com
### cn\=raghunandan,dc\=xyz,dc\=com  
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000

 

ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupOfNames)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(objectclass\=inetOrgPerson)
ldap.synchronization.personDifferentialQuery=(&(objectclass\=inetOrgPerson)(!(modifyTimestamp<\={0})))

 

ldap.synchronization.userSearchBase=ou\=people,dc\=xyz,dc\=com
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'Z'
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail

ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

ldap.synchronization.personType=inetOrgPerson

ldap.synchronization.enableProgressEstimation=true

 

And added the below two lines in alfresco-global.properties file

 

ntlm.authentication.sso.enabled=false
authentication.chain=alfinst:alfrescoNtlm,ldap-ad1:ldap-ad

Outcomes