Online demo
Download
Contact

Because information matters

  • ACTIVE DIRECTORY Configuration

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
It is currently Fri Apr 17, 2026 5:49 am

ACTIVE DIRECTORY Configuration

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

ACTIVE DIRECTORY Configuration

 #13179  by dungmonitor
 
Please help me config my AD
My AD structure:
Code: Select all
dc=com
    |_dc=icbv
           |_dc=hq
                 |_OU=SGD3
                     |_OU=Users
                          |_cn=user1
                          |_cn=user2
                          |_cn=Group 1
and login-config.xml
Code: Select all
<application-policy name = "OpenKM">
      <authentication>
		<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
          <module-option name="java.naming.provider.url">ldap://hq.icbv.com</module-option>          
          <module-option name="bindDN">CN=user1,ou=Users,ou=SGD3,DC=hq,DC=icbv,DC=com</module-option>
          <module-option name="java.naming.security.authentication">simple</module-option>
          <module-option name="bindCredential">Wsx123456</module-option>
          <module-option name="baseCtxDN">ou=Users,ou=SGD3,DC=hq,DC=icbv,DC=com</module-option>
          <module-option name="baseFilter">(sAMAccountName={0})</module-option>
          <module-option name="rolesCtxDN">ou=Users,ou=SGD3,DC=hq,DC=icbv,DC=com</module-option>
          <module-option name="roleFilter">(sAMAccountName={0})</module-option>
          <module-option name="roleAttributeID">memberOf</module-option>
          <module-option name="roleAttributeIsDN">true</module-option>
          <module-option name="roleRecursion">0</module-option>
          <module-option name="roleNameAttributeID">cn</module-option>
          <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
          <module-option name="allowEmptyPasswords">false</module-option>
          <module-option name="java.naming.referral">follow</module-option>
        </login-module>
      </authentication>
When I login webpage errror:
Image
server log:
Code: Select all
2011-12-13 17:13:36,150 DEBUG [org.jboss.security.plugins.JaasSecurityManager.OpenKM] CallbackHandler: org.jboss.security.auth.callback.SecurityAssociationHandler@1555543
2011-12-13 17:13:36,150 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Created securityMgr=org.jboss.security.plugins.JaasSecurityManager@138d0b
2011-12-13 17:13:36,150 DEBUG [org.jboss.security.plugins.JaasSecurityManager.OpenKM] CachePolicy set to: org.jboss.util.TimedCachePolicy@190d35e
2011-12-13 17:13:36,150 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] setCachePolicy, c=org.jboss.util.TimedCachePolicy@190d35e
2011-12-13 17:13:36,150 DEBUG [org.jboss.security.plugins.JaasSecurityManagerService] Added OpenKM, org.jboss.security.plugins.SecurityDomainContext@124ed3b to map
Thank!

Re: ACTIVE DIRECTORY Configuration

 #13194  by pavila
 
Every OpenKM user should have the role UserRole or AdminRole to log into OpenKM.

Re: ACTIVE DIRECTORY Configuration

 #13294  by jllort
 
Obviously, because OpenKM security need for getting users connection grant to OpenKM. UserRole and AdminRole are used by application to get connection grant. The other roles defined by you are used across all repository you can set by secutiry but UserRole and AdminRole are defined into web.xml file where's defined application security ( not internal repository security that's what you're setting using UI ).
 Reply
 Return to “Configuration”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -