I think I'm missing something in the documentation about accounts that are already created and LDAP synchronization. We have passthru and LDAP authentication working (at least I think), but our LDAP sync task is not pulling all of our LDAP users into Alfresco, and we don't see the givenName or sn from AD being synchronized into Alfresco. Could you guys explain why this is happening?
###############################
## Common Alfresco Properties #
###############################

# The server mode. Set value here
# UNKNOWN | TEST | BACKUP | PRODUCTION
system.serverMode=UNKNOWN

### E-mail site invitation setting ###
notification.email.siteinvite=false

### License location ###
dir.license.external=D:/leveldata/apps/Alfresco

### Solr indexing ###
index.subsystem.name=solr4
dir.keystore=${dir.root}/keystore
solr.port.ssl=8443

### BPM Engine ###
system.workflow.engine.jbpm.enabled=false

### Allow extended ResultSet processing
security.anyDenyDenies=false

#Custom Settings from
mail.host=mailrelay
mail.port=25
mail.username=
mail.password=
mail.encoding=UTF-8
mail.from.default=noreply@us.com
mail.smtp.auth=false
mail.testmessage.send=true
mail.testmessage.to=nus@us.com
mail.testmessage.subject=Outbound SMTP
mail.testmessage.text=The Outbound SMTP email subsystem is working.

#Authentication settings
#passthru1:passthru
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap,passthru1:passthru
ntlm.authentication.sso.enabled=false

### CIFS/SMB Server Configuration ###
cifs.enabled=true
cifs.domain=ld.local
cifs.serverName=${localname}A
cifs.hostannounce=true

#CIFS with LDAP We have to use passthru for CIFS due to limitations in how cifs has to authenticate
ntlm.authentication.authenticateCIFS=false
#Must be disabled to allow chained password-based login
ntlm.authentication.sso.enabled=false
#ntlm.authentication.mapUnknownUserToGuest=false
alfresco.authentication.authenticateCIFS=false
#alfresco.authentication.allowGuestLogin=false
passthru.authentication.authenticateCIFS=true
passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=admin
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
passthru.authentication.servers=LD\\10.1.1.1
passthru.authentication.offlineCheckInterval=300

#LDAP authentication
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@domain.local
ldap.authentication.java.naming.provider.url=ldap://domain.local:389
ldap.authentication.defaultAdministratorUserNames=admin
ldap.authentication.active=false
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=alfresco_service@domain
ldap.synchronization.java.naming.security.credentials=somepassword
ldap.synchronization.groupSearchBase=OU=Groups,OU=domain,DC=local
ldap.synchronization.userSearchBase=DC=domain,DC=local
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=false
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.autoCreatePeopleOnLogin=false

#JMX - No JMX in community edition
#alfresco.rmi.services.host=alfresco.something.com
#alfresco.rmi.services.port=50500
alfresco.rmi.services.host=0.0.0.0
alfresco.rmi.services.port=50500

Alfresco.log
2015-07-23 00:00:01,565 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Synchronizing users and groups with user registry 'ldap1'
2015-07-23 00:00:03,112 WARN [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Full synchronization with user registry 'ldap1'
2015-07-23 00:00:03,112 WARN [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Some users and groups previously created by synchronization with this user registry may be removed.
2015-07-23 00:00:03,143 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Retrieving all groups from user registry 'ldap1'
2015-07-23 00:00:03,237 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Synchronization,Category=directory,id1=ldap1,id2=1 Group Analysis: Commencing batch of 0 entries
2015-07-23 00:00:03,237 INFO [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Synchronization,Category=directory,id1=ldap1,id2=1 Group Analysis: Completed batch of 0 entries
2015-07-23 00:00:15,331 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 062343424 Error during LDAP Search. Reason:LDAP response read timed out, timeout used:0ms.
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1298)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:556)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1462)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$1400(ChainingUserRegistrySynchronizer.java:960)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1680)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:700)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:429)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob$1.doWork(UserRegistrySynchronizerJob.java:46)
    at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:548)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob.execute(UserRegistrySynchronizerJob.java:42)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:0ms.; remaining name 'DC=ld,DC=local'
    at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at javax.naming.directory.InitialDirContext.search(Unknown Source)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1277)
    ... 11 more
2015-07-23 00:00:15,862 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer][DefaultScheduler_Worker-4] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 062343424 Error during LDAP Search. Reason:LDAP response read timed out, timeout used:0ms.
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1298)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:556)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1462)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$1400(ChainingUserRegistrySynchronizer.java:960)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1680)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:700)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:429)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob$1.doWork(UserRegistrySynchronizerJob.java:46)
    at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:548)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob.execute(UserRegistrySynchronizerJob.java:42)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:0ms.; remaining name 'DC=ld,DC=local'
    at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at javax.naming.directory.InitialDirContext.search(Unknown Source)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1277)
    ... 11 more
2015-07-23 00:00:15,862 ERROR [org.quartz.core.JobRunShell][DefaultScheduler_Worker-4] Job DEFAULT.ldapPeopleJobDetail threw an unhandled Exception:
org.alfresco.error.AlfrescoRuntimeException: 062343424 Error during LDAP Search. Reason:LDAP response read timed out, timeout used:0ms.
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1298)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:556)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1462)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$1400(ChainingUserRegistrySynchronizer.java:960)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1680)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:700)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:429)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob$1.doWork(UserRegistrySynchronizerJob.java:46)
    at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:548)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob.execute(UserRegistrySynchronizerJob.java:42)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:0ms.; remaining name 'DC=ld,DC=local'
    at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at javax.naming.directory.InitialDirContext.search(Unknown Source)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1277)
    ... 11 more
2015-07-23 00:00:15,862 ERROR [org.quartz.core.ErrorLogger][DefaultScheduler_Worker-4] Job (DEFAULT.ldapPeopleJobDetail threw an exception.
org.quartz.SchedulerException: Job threw an unhandled exception. [See nested exception: org.alfresco.error.AlfrescoRuntimeException: 062343424 Error during LDAP Search. Reason:LDAP response read timed out, timeout used:0ms.]
    at org.quartz.core.JobRunShell.run(JobRunShell.java:227)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
Caused by: org.alfresco.error.AlfrescoRuntimeException: 062343424 Error during LDAP Search. Reason:LDAP response read timed out, timeout used:0ms.
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1298)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.getPersonNames(LDAPUserRegistry.java:556)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.processGroups(ChainingUserRegistrySynchronizer.java:1462)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer$1Analyzer.access$1400(ChainingUserRegistrySynchronizer.java:960)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.syncWithPlugin(ChainingUserRegistrySynchronizer.java:1680)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronizeInternal(ChainingUserRegistrySynchronizer.java:700)
    at org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer.synchronize(ChainingUserRegistrySynchronizer.java:429)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob$1.doWork(UserRegistrySynchronizerJob.java:46)
    at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:548)
    at org.alfresco.repo.security.sync.UserRegistrySynchronizerJob.execute(UserRegistrySynchronizerJob.java:42)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
    ... 1 more
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:0ms.; remaining name 'DC=ld,DC=local'
    at com.sun.jndi.ldap.Connection.readReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.getSearchReply(Unknown Source)
    at com.sun.jndi.ldap.LdapClient.search(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at javax.naming.directory.InitialDirContext.search(Unknown Source)
    at org.alfresco.repo.security.sync.ldap.LDAPUserRegistry.processQuery(LDAPUserRegistry.java:1277)
    ... 11 more