组合视图 统一视图 树状图
讨论主题 [ 上一个 | 下一个 ]
toggle
Sam Collett
Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年1月4日 上午8:05
答复

Sam Collett

等级: Junior Member

帖子: 60

加入日期: 2008年11月13日

最近的帖子

Set up Liferay 61. RC1 on a Windows Server 2008 R2 using a SQL Server database. I have managed to import from Active Directory the users I want. However, I cannot log in using the credentials of a user that has been imported. Worked in 6.0.6 (set up the same way) but not the release candidate.

portal-ext.properties (password not imported as shouldn't it pass through credentials?)

1ldap.import.interval=100
2ldap.import.method=group
3ldap.import.enabled=true
4ldap.import.on.startup=true
5ldap.import.user.password.enabled=false
6ldap.import.user.password.autogenerated=true


Authentication search filter is set to (&(objectCategory=person)(sAMAccountName=@screen_name@))

When I log in, I don't see anything in the Tomcat console window.
Hiran Chaudhuri
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年1月5日 上午1:52
答复

Hiran Chaudhuri

等级: Regular Member

帖子: 174

加入日期: 2010年9月1日

最近的帖子

Sam Collett:
Set up Liferay 61. RC1 on a Windows Server 2008 R2 using a SQL Server database. I have managed to import from Active Directory the users I want. However, I cannot log in using the credentials of a user that has been imported. Worked in 6.0.6 (set up the same way) but not the release candidate.

portal-ext.properties (password not imported as shouldn't it pass through credentials?)

1ldap.import.user.password.enabled=false
2ldap.import.user.password.autogenerated=true

Just a guess:

Why is password import disabled, but password autogeneration is true?
Either that second setting has no value, or it could cause LR to generate new passwords during import, which then are probably different from the LDAP version.
What happens if you change it to false?
Sam Collett
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年1月5日 上午4:14
答复

Sam Collett

等级: Junior Member

帖子: 60

加入日期: 2008年11月13日

最近的帖子

Hiran Chaudhuri:

Just a guess:

Why is password import disabled, but password autogeneration is true?
Either that second setting has no value, or it could cause LR to generate new passwords during import, which then are probably different from the LDAP version.
What happens if you change it to false?



It worked with the current stable 6.0.6 version, so thought it should with this one. However, I don't see how Liferay distinguishes and imported LDAP user from one created in the portal itself (just from looking at the User_ table). Based on Use case B in Keeping user passwords secure
Hiran Chaudhuri
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年1月6日 上午1:08
答复

Hiran Chaudhuri

等级: Regular Member

帖子: 174

加入日期: 2010年9月1日

最近的帖子

Sam Collett:
Hiran Chaudhuri:

Why is password import disabled, but password autogeneration is true?

It worked with the current stable 6.0.6 version, so thought it should with this one. However, I don't see how Liferay distinguishes and imported LDAP user from one created in the portal itself (just from looking at the User_ table). Based on Use case B in Keeping user passwords secure

Ok, that makes sense.

Thank you also for the link, it increased my understanding of the LDAP integration.
However I am still worried what happens if a user is removed on LDAP, because then LR cannot import user data and things it has a local account only.
Which would mean the company decides to remove user credentials, but LR still let's that user in.
Michael John Macrohon
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年8月16日 下午7:49
答复

Michael John Macrohon

等级: New Member

帖子: 4

加入日期: 2012年8月16日

最近的帖子

Hi Hiran,

There is an option in liferay to authentication user only from AD (LDAP) and will not allow other users that are not registered active user from AD.

In version 6.x goto Portal Settings->LDAP->Authentication check Required option.
Scharwenka Wu
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年12月20日 下午10:36
答复

Scharwenka Wu

等级: New Member

帖子: 4

加入日期: 2012年12月20日

最近的帖子

I have the same issue of 6.1 RC2.

I can import MS-Active Director user into Liferay, but authentication failed.

Set to "Required" is not work.

It look like Liferay will import password, and then do authentication itself.
But in most situation, AD password is encrypted and cannot be gotten.
We just wants that Liferay can do authentication with AD, anybody knows how to do that?

Regads,
Scharwenka Wu
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2012年12月21日 上午3:10
答复

Scharwenka Wu

等级: New Member

帖子: 4

加入日期: 2012年12月20日

最近的帖子

In 6.1.1 RC2 , it work.

Just setup correct LDAP setting. And check the "enable" + "use LDAP Policy", then
no mater using "screen name" or "e-mail", it will do authentication with AD.
Gustavo Pimenta
RE: Liferay 6.1 RC1 - LDAP import works, authentication doesn't
2013年10月30日 下午1:07
答复

Gustavo Pimenta

等级: New Member

帖子: 5

加入日期: 2013年10月28日

最近的帖子

Scharwenka Wu:
In 6.1.1 RC2 , it work.

Just setup correct LDAP setting. And check the "enable" + "use LDAP Policy", then
no mater using "screen name" or "e-mail", it will do authentication with AD.



Hello!!!
What would be the correct LDAP setting?
Could you please give a screenshot?