Fórum

Password Synchronization Issue with AD and LDAP

Payal Gandhi, modificado 15 Anos atrás.

Password Synchronization Issue with AD and LDAP

New Member Mensagem: 1 Data de Entrada: 27/03/09 Postagens Recentes
Hello,

We have configured Liferay to use LDAP Authentication with AD. We have a problem when a user changes their password in AD only the old password works to login to liferay.

Can someone please with this. FYI we are on the 4.3.2 version of liferay. Was this a bug and been fixed in the newer releases?

Thanks
PG
Patrice Laramee, modificado 12 Anos atrás.

RE: Password Synchronization Issue with AD and LDAP

New Member Postagens: 4 Data de Entrada: 25/01/11 Postagens Recentes
Hi,

I'm using liferay 6.0.6 with NTLM and LDAP for the authentication. I'm experiencing the same issue. If a password is changed on Active Directory the following will occur:

1- The user will be allowed to login with NTLM on the Portal
2- If the user tries to mount the webdav share, it will fail. If the user use his previous password. It will work.

I believe that's is a major concern since good practices recommend to change a password every XX days... I also believe that it's a default setting (GPO) in Active Directory to ask the user to change his password. If we setup a SSO, the last thing we want to do is ask the users to sync their passwords manually.

Anyone know the mechanic behind the LDAP integration?

I noticed that if you don't check 'Import' for the LDAP settings. The groups will not be sync.

-Pat
thumbnail
Mika Koivisto, modificado 12 Anos atrás.

RE: Password Synchronization Issue with AD and LDAP

Liferay Legend Postagens: 1519 Data de Entrada: 07/08/06 Postagens Recentes
I think the problem is that the portal does not know the password of the user when using SSO like NTLM. If you use normal Liferay login agains LDAP it would get the password used to authenticate agains the LDAP server and then update that to Liferays database.
Yann Lortie, modificado 12 Anos atrás.

RE: Password Synchronization Issue with AD and LDAP

New Member Postagens: 4 Data de Entrada: 10/01/12 Postagens Recentes
I also noticed a few issues...

I want to synchronize (with LDAP):
1) any User fields like Title
2) any User deletion
Could be done once a week, or on request.

Also, adding other fields like phone number and many others fields from the LDAP. Right now, I am considering writing a hook or an ext.
Do anybody knows if Liferay team will improve the LDAP sync ??
Thanks