Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Sam Collett
Liferay 6.1 RC1 - LDAP import works, authentication doesn't
January 4, 2012 8:05 AM
Answer

Sam Collett

Rank: Junior Member

Posts: 59

Join Date: November 13, 2008

Recent Posts

Set up Liferay 61. RC1 on a Windows Server 2008 R2 using a SQL Server database. I have managed to import from Active Directory the users I want. However, I cannot log in using the credentials of a user that has been imported. Worked in 6.0.6 (set up the same way) but not the release candidate.

portal-ext.properties (password not imported as shouldn't it pass through credentials?)

1ldap.import.interval=100
2ldap.import.method=group
3ldap.import.enabled=true
4ldap.import.on.startup=true
5ldap.import.user.password.enabled=false
6ldap.import.user.password.autogenerated=true


Authentication search filter is set to (&(objectCategory=person)(sAMAccountName=@screen_name@))

When I log in, I don't see anything in the Tomcat console window.
Hiran Chaudhuri
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
January 5, 2012 1:52 AM
Answer

Hiran Chaudhuri

Rank: Regular Member

Posts: 174

Join Date: September 1, 2010

Recent Posts

Sam Collett:
Set up Liferay 61. RC1 on a Windows Server 2008 R2 using a SQL Server database. I have managed to import from Active Directory the users I want. However, I cannot log in using the credentials of a user that has been imported. Worked in 6.0.6 (set up the same way) but not the release candidate.

portal-ext.properties (password not imported as shouldn't it pass through credentials?)

1ldap.import.user.password.enabled=false
2ldap.import.user.password.autogenerated=true

Just a guess:

Why is password import disabled, but password autogeneration is true?
Either that second setting has no value, or it could cause LR to generate new passwords during import, which then are probably different from the LDAP version.
What happens if you change it to false?
Sam Collett
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
January 5, 2012 4:14 AM
Answer

Sam Collett

Rank: Junior Member

Posts: 59

Join Date: November 13, 2008

Recent Posts

Hiran Chaudhuri:

Just a guess:

Why is password import disabled, but password autogeneration is true?
Either that second setting has no value, or it could cause LR to generate new passwords during import, which then are probably different from the LDAP version.
What happens if you change it to false?



It worked with the current stable 6.0.6 version, so thought it should with this one. However, I don't see how Liferay distinguishes and imported LDAP user from one created in the portal itself (just from looking at the User_ table). Based on Use case B in Keeping user passwords secure
Hiran Chaudhuri
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
January 6, 2012 1:08 AM
Answer

Hiran Chaudhuri

Rank: Regular Member

Posts: 174

Join Date: September 1, 2010

Recent Posts

Sam Collett:
Hiran Chaudhuri:

Why is password import disabled, but password autogeneration is true?

It worked with the current stable 6.0.6 version, so thought it should with this one. However, I don't see how Liferay distinguishes and imported LDAP user from one created in the portal itself (just from looking at the User_ table). Based on Use case B in Keeping user passwords secure

Ok, that makes sense.

Thank you also for the link, it increased my understanding of the LDAP integration.
However I am still worried what happens if a user is removed on LDAP, because then LR cannot import user data and things it has a local account only.
Which would mean the company decides to remove user credentials, but LR still let's that user in.
Michael John Macrohon
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
August 16, 2012 7:49 PM
Answer

Michael John Macrohon

Rank: New Member

Posts: 4

Join Date: August 16, 2012

Recent Posts

Hi Hiran,

There is an option in liferay to authentication user only from AD (LDAP) and will not allow other users that are not registered active user from AD.

In version 6.x goto Portal Settings->LDAP->Authentication check Required option.
Scharwenka Wu
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
December 20, 2012 10:36 PM
Answer

Scharwenka Wu

Rank: New Member

Posts: 4

Join Date: December 20, 2012

Recent Posts

I have the same issue of 6.1 RC2.

I can import MS-Active Director user into Liferay, but authentication failed.

Set to "Required" is not work.

It look like Liferay will import password, and then do authentication itself.
But in most situation, AD password is encrypted and cannot be gotten.
We just wants that Liferay can do authentication with AD, anybody knows how to do that?

Regads,
Scharwenka Wu
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
December 21, 2012 3:10 AM
Answer

Scharwenka Wu

Rank: New Member

Posts: 4

Join Date: December 20, 2012

Recent Posts

In 6.1.1 RC2 , it work.

Just setup correct LDAP setting. And check the "enable" + "use LDAP Policy", then
no mater using "screen name" or "e-mail", it will do authentication with AD.
Gustavo Pimenta
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
October 30, 2013 1:07 PM
Answer

Gustavo Pimenta

Rank: New Member

Posts: 5

Join Date: October 28, 2013

Recent Posts

Scharwenka Wu:
In 6.1.1 RC2 , it work.

Just setup correct LDAP setting. And check the "enable" + "use LDAP Policy", then
no mater using "screen name" or "e-mail", it will do authentication with AD.



Hello!!!
What would be the correct LDAP setting?
Could you please give a screenshot?