Home

LDAP Sync

You are here

12 posts / 0 new
Last post
LDAP Sync

Hi all,

I'm a newbie when it comes to Alfresco and I recently got Alfresco to authenticate with Active Directory but I have not been able to get the Sync to work. (I'm assuming its the sync that is supposed to populate Alfresco with AD users as well as their Contact information, correct?)

Anyone have any tips on what i may be missing?

Thanks!

Re: LDAP Sync

Have you turned it on?

No-one can help without details of what you have configured, what you are expecting and any errors from Alfresco.log.

Senior Software Engineer
Alfresco

Re: LDAP Sync

Re: LDAP Sync

Re: LDAP Sync

Thanks for the suggestion Imad! I copied and pasted it into my file but unfortunately, i still do not see any contact info in Alfresco nor do I see other AD users populated in the site.

Re: LDAP Sync

numan85 wrote:
Thanks for the suggestion Imad! I copied and pasted it into my file but unfortunately, i still do not see any contact info in Alfresco nor do I see other AD users populated in the site.

try to telnet AD_server:389 from Alfresco server
if it does not respond, it is something block in AD server or Alfresco server.

Re: LDAP Sync

numan85 wrote:
Thanks for the suggestion Imad! I copied and pasted it into my file but unfortunately, i still do not see any contact info in Alfresco nor do I see other AD users populated in the site.

Try to add these lines in this file:

/opt/alfresco-3.3.3/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Synchronization/default/default-synchronization.properties

synchronization.import.cron=* * * * * ?

Re: LDAP Sync

I was able to telnet to the server and I feel the connections are fine since Alfresco can authenticate against the AD..its just not pulling the information. Like now when i login..all it shows i my 6digit pin but it doesnt show my name, phone number, etc.

Originally in my default.sync file i had synchronization.import.cron=0 0 0 * * ? so i replaced it with synchronization.import.cron=* * * * * ? but still no luck.

I must have missed something along the way :oops:

Re: LDAP Sync

numan85 wrote:
I was able to telnet to the server and I feel the connections are fine since Alfresco can authenticate against the AD..its just not pulling the information. Like now when i login..all it shows i my 6digit pin but it doesnt show my name, phone number, etc.

Originally in my default.sync file i had synchronization.import.cron=0 0 0 * * ? so i replaced it with synchronization.import.cron=* * * * * ? but still no luck.

I must have missed something along the way :oops:

Coulkd you put 579666 instead ba\\579666? you should check that this account has schema admin privileges. Or try administrator account to eliminate the root issue.

Re: LDAP Sync

I removed the ba\\ and just put 579666 and was still able to logon so it authenticated but still no properties. This accout was created to have full rights on AD, it was actually used when we were implementing IBM's lotus connections and it was able to import active directory data into that application. We had an IBM contractor come in and do that though and they used the 579666 pin to bind to AD.

Thanks again for your suggestions IMAD, definitley helping me narrow down the issue.

Re: LDAP Sync

numan85 wrote:
I removed the ba\\ and just put 579666 and was still able to logon so it authenticated but still no properties. This accout was created to have full rights on AD, it was actually used when we were implementing IBM's lotus connections and it was able to import active directory data into that application. We had an IBM contractor come in and do that though and they used the 579666 pin to bind to AD.

Thanks again for your suggestions IMAD, definitley helping me narrow down the issue.

Hi,

You can try this suggestion:

edit the file and change the content of tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/passthru-authentication-context.properties
coyp this file to file tomcat/shared/classes/alfresco/extension/subsytems/Authenication/passthru/passthru1/passthru-authentication-context.properties

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=ba\\xx.xx.xx.xx
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=admin_account
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true

Edit tomcat/shared/classes/alfresco-global.properties and change the authentication chain to look something like this,
authentication.chain=alfinst:alfrescoNtlm,passthru1:passthru,ldap1:ldap-ad

restart the Alfresco services.

If it does not work, you will verify the content of your file ldap-authentication-context.properties

Imad

Re: LDAP Sync

Quote:
edit the file and change the content of tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/passthru-authentication-context.properties
coyp this file to file tomcat/shared/classes/alfresco/extension/subsytems/Authenication/passthru/passthru1/passthru-authentication-context.properties

Hmm it doesnt look like i have that 2nd path...I get to tomcat/share/classes/alfresco/extension but there is no subsystems folder in that path? Do i need to create the rest of it?