authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad
create.missing.people=false
alfresco.authentication.allowGuestLogin=false
# Disable guest logins
ntlm.authentication.mapUnknownUserToGuest=false
# Disable guest logins
ntlm.authentication.sso.enabled=false
# Disable SSO logins
ldap.synchronization.groupSearchBase=dc=test,dc=local
# Domain search base
ldap.synchronization.userSearchBase=dc=test,dc=local
# Domain search base
#########################
#LDAP AUTHENTIFICATION #
#########################
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
# Disable guest logins
ldap.authentication.userNameFormat=%s@test.local
ldap.authentication.java.naming.provider.url=ldap://AD_SERVER_ADDRESS:389
# AD server address
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
# Admin users logins
########################
#LDAP SYNCHRONISATION #
########################
synchronization.synchronizeChangesOnly=false
# Do full synchronize
synchronization.allowDeletions=true
# Allow deletion info from local Alfresco
synchronization.syncWhenMissingPeopleLogIn=true
# Tries to find user in allowed Ad group
synchronization.syncOnStartup=true
# synchronize AD on reboot
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=ldap_read
# User with LDAP read rights login
ldap.synchronization.java.naming.security.credentials=asdf1234+
# User with LDAP read rights password
synchronization.import.cron=00/15 * * * ?
# synchronisation starts every 15 minutes!
#####################
#LDAP PERSON QUERY #
#####################
ldap.synchronization.personQuery=(&(objectclass\=user)
(memberOf\=cn\=alfresco,ou\=alfrescounit,dc\=test,dc\=local)
(userAccountControl:1.2.840.113556.1.4.803:=512))
# Query to grabb all users in alfresco group with full path
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)
(memberOf\=cn\=alfresco,ou\=alfrescounit,dc\=test,dc\=local)
(userAccountControl:1.2.840.113556.1.4.803:=512))
# Query to grabb all users in alfresco group with full path (force full sync)
#####################
#LDAP GROUP QUERY #
####################
ldap.synchronization.groupQuery=(&(objectclass\=group)(|(cn\=alfresco)
(memberOf\=cn\=alfresco,ou\=alfrescounit,dc\=test,dc\=local)))
# Query to grabb alfresco group with full path
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)
(|(cn\=alfresco)(memberOf\=cn\=alfresco,ou\=alfrescounit,dc\=test,dc\=local)))
# Query to grabb alfresco group with full path (force full sync) |