How to Set Up Windows AD Authentication on Alfresco Share
Setting up AD authentication on Alfresco is pretty trivial. Here are the steps:
Navigate to tomcat/shared/classes under the Alfresco root folder
cd tomcat/shared/classes
You should see the file alfresco-global.properties. Make a copy of this file
sudo cp alfresco-global.properties alfresco-global.properties.original
Now let's edit the file. Open it in the vi editor
sudo vi alfresco-global.properties
Add the following lines at the very end
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad
ldap.authentication.active=true
ldap.authentication.userNameFormat=%s@ezref.info
ldap.authentication.java.naming.provider.url=ldap://1.1.1.1:3268
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=serviceaccount@domainname
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.groupSearchBase=dc\=ezref,dc\=info
ldap.synchronization.userSearchBase=dc\=ezref,dc\=info
synchronization.import.cron=0 0 * * * ?
Note:
Replace ezref.info in %s@ezref.info with your domain name (keep the %s, which stands for the user name)
Replace the 1.1.1.1 in ldap://1.1.1.1:3268 with the IP address of your LDAP server
Replace the principal=serviceaccount@domainname with the account that will synchronize the LDAP accounts
Replace the password with the LDAP service account password
Replace the groupSearchBase=dc\... with your domain
Replace the userSearchBase=dc\.. with your domain
Save the file and go to the Alfresco root folder
cd /opt/alfresco-4.0.d
Restart the Alfresco server
sudo ./alfresco.sh restart
Once the server has started, check the logs and you should see the user accounts being synchronized
tail -f alfresco.log
Test if the LDAP authentication works by using the command:
ldapsearch -H ldap://1.1.1.1:3268 -D ldapaccount@ezref.info -W -x
Now you can login using your Windows AD credentials
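The settings above connect over ldap://, which is unencrypted, and store the service account password in plain text in alfresco-global.properties. The following audit script is an added example, not part of the original article; the function names and finding labels are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Audits the LDAP settings that
# the steps above put into alfresco-global.properties.

# prop FILE KEY: print the value of KEY (last definition wins, as in Java).
prop() {
    key=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# audit_ldap_props FILE: print one finding per line, return 1 if any were found.
audit_ldap_props() {
    file=$1
    findings=0

    # Bind requests, including user passwords, are sent to this URL.
    url=$(prop "$file" ldap.authentication.java.naming.provider.url)
    case $url in
        ldaps://*) ;;
        ldap://*)  echo "CLEARTEXT_LDAP: $url is unencrypted; use ldaps://"
                   findings=1 ;;
        *)         echo "NO_PROVIDER_URL: provider.url missing or not an LDAP URL"
                   findings=1 ;;
    esac

    # The tutorial's literal placeholder must not survive into production.
    cred=$(prop "$file" ldap.synchronization.java.naming.security.credentials)
    case $cred in
        ''|password) echo "PLACEHOLDER_CREDENTIAL: set the real service account password"
                     findings=1 ;;
    esac

    # The file stores that password in plain text, so other local users
    # should not be able to read it.
    if [ -n "$(find "$file" -prune -perm -004)" ]; then
        echo "WORLD_READABLE: $file is readable by all local users"
        findings=1
    fi

    return "$findings"
}

# Usage: sh audit.sh /path/to/alfresco-global.properties
if [ "$#" -gt 0 ]; then audit_ldap_props "$1"; fi
```

Switching to ldaps:// (Active Directory serves the global catalog over TLS on port 3269) requires the domain controller's CA certificate in the truststore of the JVM that runs Alfresco.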