Liferay not importing users from Active Directory

Fórumok

Bruno Galvao, módosítva 12 év-val korábban

Liferay not importing users from Active Directory

Junior Member Bejegyzések: 58 Csatlakozás dátuma: 2011.08.26. Legújabb bejegyzések

Test LDAP Connection - Successful
Test LDAP Users - Successful

LDAP Enabled
Import/Export Enabled
Import on Startup Enabled

I've restarted the domain, application even the server and no users are importing.

Any ideas?

Thanks!

Christianto Sahat, módosítva 12 év-val korábban

RE: Liferay not importing users from Active Directory

Regular Member Bejegyzések: 179 Csatlakozás dátuma: 2007.09.25. Legújabb bejegyzések

Check your application server's console. Probably there are errors there. You can paste error message here.

Bruno Galvao:

Test LDAP Connection - Successful
Test LDAP Users - Successful

LDAP Enabled
Import/Export Enabled
Import on Startup Enabled

I've restarted the domain, application even the server and no users are importing.

Any ideas?

Thanks!

Jack Bakker, módosítva 12 év-val korábban

RE: Liferay not importing users from Active Directory

Liferay Master Bejegyzések: 978 Csatlakozás dátuma: 2010.01.03. Legújabb bejegyzések

you might want to check also that you have required fields populated in AD (like email address which is required by default, though there is a portal-ext.properties entry you can set to turn that requirement off)

Bruno Galvao, módosítva 12 év-val korábban

RE: Liferay not importing users from Active Directory

Junior Member Bejegyzések: 58 Csatlakozás dátuma: 2011.08.26. Legújabb bejegyzések

I have decided to configure LDAP through the portal-ext.properties file.

What needs to be included in the portal-ext.properties file for LDAP to import an AD user when they login? What about if I want to do a user import at startup?

ldap.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.base.provider.url=ldap://localhost:10389
ldap.base.dn=dc=example,dc=com
ldap.security.principal=uid=admin,ou=system
ldap.security.credentials=secret
ldap.referral=follow

ldap.auth.enabled=false
ldap.auth.required=false

ldap.auth.method=bind

ldap.user.mappings=screenName=cn\npassword=userPassword\nemailAddress=mail\n
firstName=givenName\nlastName=sn\njobTitle=title\ngroup=groupMembership

ldap.group.mappings=groupName=cn\ndescription=description\nuser=uniqueMember

ldap.import.enabled=false
ldap.import.on.startup=false
ldap.import.interval=10
ldap.import.user.search.filter=(objectClass=inetOrgPerson)
ldap.import.group.search.filter=(objectClass=groupOfUniqueNames)

ldap.import.method=user
ldap.import.method=group

ldap.password.policy.enabled=false
?

Jack Bakker, módosítva 12 év-val korábban

RE: Liferay not importing users from Active Directory

Liferay Master Bejegyzések: 978 Csatlakozás dátuma: 2010.01.03. Legújabb bejegyzések

you have to choose either ldap.import.method=user or ldap.import.method=group, not both

investigate if you have a 'cn' in AD (you have screenName=cn)

in my config, I have

ldap.user.mappings=screenName=sAMAccountName\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\njobTitle=title\ngroup=groupMembership

and

ldap.auth.search.filter=(&(objectCategory=person)(sAMAccountName=@screen_name@))

Bruno Galvao, módosítva 12 év-val korábban

RE: Liferay not importing users from Active Directory

Junior Member Bejegyzések: 58 Csatlakozás dátuma: 2011.08.26. Legújabb bejegyzések

Jack Bakker:

you have to choose either ldap.import.method=user or ldap.import.method=group, not both

investigate if you have a 'cn' in AD (you have screenName=cn)

in my config, I have

ldap.user.mappings=screenName=sAMAccountName\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\njobTitle=title\ngroup=groupMembership

and

ldap.auth.search.filter=(&(objectCategory=person)(sAMAccountName=@screen_name@))

Hi Jack,

Sorry for the late response. Any way you could post all you AD settings that you have in your portal-ext.properties and what you have changed in the GUI settings for LDAP and authentication?

Below is my portal-ext.properties (its not working):


ldap.import.enabled=true
ldap.import.on.startup=true
ldap.import.method=user
ldap.base.provider.url=ldap://pmg.css.corp:389
ldap.security.principal=pmginc\bruno galvao 
ldap.security.credentials=Orange01
ldap.users.dn=OU=ITS,OU=Moosic,OU=PMG Users,DC=pmg,DC=css,DC=corp
ldap.user.mappings=screenName=employeeID\npassword=userPassword\nemailAddress=mail\nfullName=cn\nfirstName=givenName\nlastName=sn\njobTitle=title\ngroup=memberOf
ldap.auth.search.filter=(mail=@email_address@)
ldap.import.user.search.filter=(objectClass=User)

Thanks,
Bruno

amit doshi, módosítva 12 év-val korábban

RE: Liferay not importing users from Active Directory

Liferay Master Bejegyzések: 550 Csatlakozás dátuma: 2010.12.29. Legújabb bejegyzések

Hi Bruno,

Can you please check the Lock_ table in database?

Is there any entry of LDAP related in that table then remove that entry from the Lock_ table...

And also one more thing can you plz give check by modifying properties in portal-ext.properties

ldap.auth.search.filter=(sAMAccountName=@screen_name@)

And also check that in AD if you have a 'cn' or 'uid' in AD (you have screenName=cn or screenname=uid).

If possible please attach the screenshot of AD structure.

Thanks & Regards,
Amit Doshi

Abhay Chaware, módosítva 10 év-val korábban

RE: Liferay not importing users from Active Directory

Junior Member Bejegyzések: 36 Csatlakozás dátuma: 2013.07.17. Legújabb bejegyzések

+1 for the lock_ table suggestion. I had same problem, the import failed because of password policy issue and it had created a lock that was set to expire a day later, So it was not importing on startup. I cleaned the lock, restarted the server and it successfully imported all users.