Home

configure Alfresco with Active Directory

You are here

21 posts / 0 new
Last post
configure Alfresco with Active Directory

Hi,

I'm a newbie to use and configure Alfresco. I want to add in Alfresco the users located in our Active Directory.
Can someone help me ? is there an example or samples to use?

Thanks a lot,

Imad

Re: configure Alfresco with Active Directory

Are you using AD for authentication alone or for syncing user groups from AD to Alfresco....
For syncing user groups might need to use LDAP-AD authentication chain.
http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems

Re: configure Alfresco with Active Directory

ssaravanan wrote:
Are you using AD for authentication alone or for syncing user groups from AD to Alfresco....
For syncing user groups might need to use LDAP-AD authentication chain.
http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems

Hi,

If I want to use AD for authentication, is it easy to do? Does it affect the AD performance?

Thanks,

Imad

Re: configure Alfresco with Active Directory

create the following folders tomcat/shared/classes/alfresco/extension/subsytems/Authenication/passthru/passthru1/
and copy the files tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/*.properties to the above folder.
Now edit the file tomcat/shared/classes/alfresco/extension/subsytems/Authenication/passthru/passthru1/passthru-authentication-context.properties

Quote:
passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=DOMAIN\\192.168.xx.xx
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=ssellathurai
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true

Edit tomcat/shared/classes/alfresco-global.properties and change the authentication chain to look something like this,
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru
Hope this helps

Re: configure Alfresco with Active Directory

ssaravanan wrote:
create the following folders tomcat/shared/classes/alfresco/extension/subsytems/Authenication/passthru/passthru1/
and copy the files tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/*.properties to the above folder.
Now edit the file tomcat/shared/classes/alfresco/extension/subsytems/Authenication/passthru/passthru1/passthru-authentication-context.properties
Quote:
passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=DOMAIN\\192.168.xx.xx
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=ssellathurai
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true

Edit tomcat/shared/classes/alfresco-global.properties and change the authentication chain to look something like this,
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru
Hope this helps

Hi,

tehre is no authentication.chain= in tomcat/shared/classes/alfresco-global.properties.

Have I to add it? and restart the services?

Thanks a lot,

Imad

Re: configure Alfresco with Active Directory

You can add it , most often it would be commented which you might need to uncomment.

Re: configure Alfresco with Active Directory

Hi,

I did, and I restart the Alfresco services and when I try to connect to the Alfresco I get this message:

The remote server may be unavailable or your authentication details have not been recognized.

Here is the configuration file:

/opt/alfresco-3.3.3/tomcat/shared/classes/alfresco/extension/subsystems/Authenication/passthru/passthru1/passthru-authentication-context.properties

passthru.authentication.useLocalServer=false
passthru.authentication.domain=TEV
passthru.authentication.servers=TEV\\192.168.2.11
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=adminst
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true

I tried the admin account and adminst but it does not work.

Thanks,
Imad

Re: configure Alfresco with Active Directory

Hi,

I have install Alfresco 3.4a and I want use AD for autentication but I don't run.
I have test with your configuration file (with my domain name and ip adress).

In Alfresco Share, I have a lot of errors in My Calendar's Dashboard.
Error Code Information: 500 - An error inside the HTTP server which prevented it from fulfilling the request.

Is there another file has edit or I didn't understand.

Best regards,

Cédric

Re: configure Alfresco with Active Directory

Mordi33 wrote:
Hi,

I have install Alfresco 3.4a and I want use AD for autentication but I don't run.
I have test with your configuration file (with my domain name and ip adress).

In Alfresco Share, I have a lot of errors in My Calendar's Dashboard.
Error Code Information: 500 - An error inside the HTTP server which prevented it from fulfilling the request.

Is there another file has edit or I didn't understand.

Best regards,

Cédric

Hi Cédric,

Sorry, I'm a newbie in Alfresco and I'm not able to integrate AD in my Alfresco. I'm not able to conenct to Alfresco.
I don't know what it is missing in my configuration.

Thanks,

Imad

Re: configure Alfresco with Active Directory

@imad

Quote:
passthru.authentication.domain=TEV (this can be left empty)
passthru.authentication.servers=TEV\\192.168.2.11 (DOMAIN\\192.168.2.11)
passthru.authentication.defaultAdministratorUserNames=adminst (Do you have a user adminst ?)

Re: configure Alfresco with Active Directory

Hi,

I resolved my problem.

In the 3.4a version, not create directory "subsystems/****/***/***/***" but until directly edit the file in "tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems".

Now, alfresco authentication run with user's account and password directly since AD.

If an other person have this problem, it's the solution.

Cédric,

Re: configure Alfresco with Active Directory

Always you have to edit only the files in the classpath (tomcat/shared/classes/alfresco/extension folder) for customization as any changes
made to the exploded war file in ALfresco will be lost during upgrades.
Edit the
tomcat/conf/catalina.properties file and include the following line

Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/alfresco/extension/subsystems/****/***/***/***"

and restart Alfresco

Re: configure Alfresco with Active Directory

ssaravanan wrote:
@imad

Quote:
passthru.authentication.domain=TEV (this can be left empty)
passthru.authentication.servers=TEV\\192.168.2.11 (DOMAIN\\192.168.2.11)
passthru.authentication.defaultAdministratorUserNames=adminst (Do you have a user adminst ?)

Hi,

adminst exists in AD. I added this line in catalina.properties
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/extension/subsystems/****/***/***/***"

I restarted the Alfresco services but I get the same error message.

Any suggestion to debug these errors?

Thanks

Re: configure Alfresco with Active Directory

It should be

Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/alfresco/extension/subsystems/****/***/***/***"

and not

Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/extension/subsystems/****/***/***/***"

Re: configure Alfresco with Active Directory

ssaravanan wrote:
It should be
Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/alfresco/extension/subsystems/****/***/***/***"

and not

Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/extension/subsystems/****/***/***/***"

Hi,

I changed it. I try to connect by putting adminst and the password, but it does not work. Should I use the domain name to connect?

Thanks,

Imad

Re: configure Alfresco with Active Directory

ssaravanan wrote:
It should be
Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/alfresco/extension/subsystems/****/***/***/***"

and not

Quote:
shared.loader=${catalina.base}/shared/classes,${catalina.base}/shared/lib/*.jar,${catalina.base}/shared/classes/extension/subsystems/****/***/***/***"

Hi,

I want to confirm this information:

Do I need to copy /opt/alfresco-3.3.3/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/alfrescoNtlm in
tomcat/shared/classes/alfresco/extension/subsytems/Authenication/?

because there is no alfrescoNtlm under Authentication.
You suggested me to add :
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru
in alfresco-global.properties.

Can you confimr to me that?

Thanks,

Imad

Re: configure Alfresco with Active Directory

copy tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/alfrescoNtlm/*.properties to tomcat/shared/classes/alfresco/extention/subsystems/Authentication/alfrescoNtlm/

Quote:
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru

edit tomcat/shared/classes/alfresco/extention/subsystems/Authentication/alfrescoNtlm/alfresco-authentication.properties

Quote:
alfresco.authentication.authenticateCIFS=true

Re: configure Alfresco with Active Directory

ssaravanan wrote:
copy tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/alfrescoNtlm/*.properties to tomcat/shared/classes/alfresco/extention/subsystems/Authentication/alfrescoNtlm/

Quote:
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru

edit tomcat/shared/classes/alfresco/extention/subsystems/Authentication/alfrescoNtlm/alfresco-authentication.properties

Quote:
alfresco.authentication.authenticateCIFS=true

Hi,

I tried it but it does not work and here is the error in the alfresco.log:

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationComponent' defined in file [/opt/alfresco-3.3.3/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/passthru-authentication-context.xml]: Cannot resolve reference to bean 'passthruServers' while setting bean property 'passthruServers'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'passthruServers' defined in file [/opt/alfresco-3.3.3/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/passthru-authentication-context.xml]: Invocation of init method failed; nested exception is org.alfresco.error.AlfrescoRuntimeException: 09270002 Error setting passthru domain, Failed to find domain controller or browse master for DOMAIN

Here is my configurations folders:

#cd /opt/alfresco-3.3.3/tomcat/shared/classes/alfresco/extension/subsystems/Authenication
# ls
alfresco.log alfrescoNtlm passthru wcm www

# ls alfrescoNtlm/
alfresco-authentication-context.xml alfresco.log ntlm-filter.properties www
alfresco-authentication.properties ntlm-filter-context.xml wcm

# ls passthru/passthru1/
ntlm-filter.properties passthru-authentication-context.properties

Where is the issue?

Thanks,

Imad

Re: configure Alfresco with Active Directory

ssaravanan wrote:
copy tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/alfrescoNtlm/*.properties to tomcat/shared/classes/alfresco/extention/subsystems/Authentication/alfrescoNtlm/

Quote:
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru

edit tomcat/shared/classes/alfresco/extention/subsystems/Authentication/alfrescoNtlm/alfresco-authentication.properties

Quote:
alfresco.authentication.authenticateCIFS=true

Hi,

I resolved my issues by configuring the files located in : /opt/alfresco-3.3.3/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication and not the shared folders.

It works fine and I was able to use LDAP-AD.

Thanks,

Imad

Re: configure Alfresco with Active Directory

Thanks

Thanks & Regards
Murali
CRISIL Ltd..
Mumbai

Re: configure Alfresco with Active Directory

Hey imad77, I'm also having this problem, could you list exactly which files you changed and what you changed in them? I'm using Alfresco 3.4b, Thanks!

forums index