
How to implement Azure AD integration with Alfresco Community Edition 5.2 (we have installed Alfresco in the cloud).

Question asked by leela on Jul 23, 2019
Latest reply on Jul 26, 2019 by heiko.robert

Hello everyone,

Kindly help me solve this issue: how to integrate Azure AD with Alfresco Community Edition 5.2.

For your reference, I have attached the files below (ldap-ap-properties file). If I have made any mistakes, kindly help rectify this issue immediately.


ldap.authentication.allowGuestLogin=false
### LDAP-AD Auth ###

ldap.authentication.active=true
ldap.authentication.userNameFormat=%s@xxx.onmicrosoft.com
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://xxxx.onmicrosoft.com:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=administrator, admin


### LDAP-AD Synch ###

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=xxxx@xxx.onmicrosoft.com
ldap.synchronization.java.naming.security.credentials=xxxxx
ldap.synchronization.queryBatchSize=5000
ldap.synchronization.attributeBatchSize=5000
synchronization.synchronizeChangesOnly=false
synchronization.allowDeletions=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.import.cron=0 0/15 * * * ?
ldap.synchronization.groupQuery=(objectclass\=group)

ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))

ldap.synchronization.groupSearchBase=ou\=Groups,ou\=xxx,dc=xxx,dc=onmicrosoft,dc=com

ldap.synchronization.userSearchBase=ou\=Users,ou\=xxx,dc=xxx,dc=onmicrosoft,dc=com

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp

ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'

ldap.synchronization.userIdAttributeName=sAMAccountName

ldap.synchronization.userFirstNameAttributeName=givenName

ldap.synchronization.userLastNameAttributeName=sn

ldap.synchronization.userEmailAttributeName=mail

ldap.synchronization.userOrganizationalIdAttributeName=company

ldap.synchronization.groupIdAttributeName=cn

ldap.synchronization.groupDisplayNameAttributeName=displayName

ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

ldap.synchronization.groupType=group

ldap.synchronization.personType=user

ldap.synchronization.groupMemberAttributeName=member

 

 

In the global-properties file:

 

######Active Directory#######


### Authentication ###
authentication.chain=alfrescoNtlm1:alfrescoNtlm, ldap1:ldap-ad,ldap2:ldap-ad
ntlm.authentication.sso.enabled=false

authentication.protection.enabled=false
