• Active Directory connection with OpenKM 6.3 Community (on Suse Linux Enterprise Server 11)

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 #39385  by winar
 
Hello community

I want connect my OpenKM Server (6.3.0 OpenKM Community version, SuSE Linux) with my Windows Server Active Drectory. The roles have been set up on OpenKM eg "ROLE_ADMIN" (for the admin user locally), "ROLE_USER_GROUP1", "ROLE_USER_GROUP2" (for support, consulting, etc. from AD).

How can I now connect users from the AD domain "test-domain.loc" with OpenKM.

eg of my AD-Tree structure:
- test-domain.loc
-- Users
--- User1, User2 etc.
-- Groups
--- Group1, Group2 etc.

Which file should I customize?

I suspect it will be a problem with the connection because OpenKM runs on a Linux server and I have a Windows Active Directory Server?

I saw the examples under http://wiki.openkm.com/index.php/LDAP_examples but I didn't really understand them.

Thanks and regards
Winar
 #39399  by jllort
 
Should be a ROLE_USER and then other roles like ROLE_GROUP1 etc...

You've not understand the example because should be the first time you navigate across the real AD. There's no problem about your application be on linux and you use microsoft Active directory, this is not a problem. Did you used Active directory explorer utility http://wiki.openkm.com/index.php/Active_Directory should start for it ( http://technet.microsoft.com/en-us/sysi ... 63907.aspx ).

See how integration has two steps -> login + displaying user and roles list ( Administration -> Configuration parameters ). My suggestion is start from second ( displaying users and roles and at the ens integrate the login -> OpenKM.xml )
 #46051  by jllort
 
Has not much sense, because there are not 2 AD integrations similars, each one has it's own singularities. Please do not hate me for what I'm going to say, but usually the problems comes because Administrators do not take real control of what it is an AD and they never they had navigate at low level. Usually they create users, and roles and not much else, but not navigated across the real setting ( for example with this tool https://docs.microsoft.com/en-us/sysint ... adexplorer ). Do not expect miracles with AD integration, the first time I needed 2 weeks for understanding how it works and how to integrate it ( from there passed some years and a lot of AD integrated ).

Only I can suggest patience and going step by step as is described in our documentation, we have explained so detailed as possible. AD integration in OpenKM have 2 steps, login and displaying roles and user list. You should starting with the second ( showing users and list ) and when you get it the login step is so easy.

Finally I suggest work with new documentation https://docs.openkm.com/kcenter/view/ok ... roles.html ( not with wiki.openkm.com what is deprecated ).

Work first with configuration parameters https://docs.openkm.com/kcenter/view/ok ... parameters and later with the OpenKM.xml ( login ).

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.