OKM 5.1.10 Active Directory

[Catscratch]

Hi,

in the migration guide you wrote:

OpenKM now shows the username and not the user id. If you has configured LDAP integration, you need to take care of these new configuration options. For more info, read Active Directory OpenKM 5.1

What are this new configuration options? I can't access the page http://wiki.openkm.com/index.php/Active ... OpenKM_5.1

I already asked I think about 4 or 5 times for an account and wanted to pay for the account, but the sales department don't get it to respond my request. The only respond I got was "Thank you. I'm forwarding your mail to the appropriate person."

So I try to ask here, what are these new configuration options?

Thank you

[jllort]

What you said is really strange because all queries from our website forms are centralized, could be some problem with your mail addres ? tell me in private which mail addres are you using.

With latest openkm version you can get username not only the id of the user

principal.ldap.username.search.base=cn=users,dc=weyler,dc=local
principal.ldap.username.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.username.attribute=cn

[Catscratch]

Thanks for your reply. I configured these options. But there is no change. I still see the user id (e.g. in the security tab). Do I have to activate a flag or something in this way, to switch to username visualization instead of user id?

And what principal.ldap.referral means?

Thank you.

[jllort]

If you do not see in administration something is wrong.

referal indicates if queries will be recursively across all yuor ldap nodes ( that has follow value when users are distributed in several nodes othercase this value should be empty - take a look at advanced configuration )

[Catscratch]

Hm ok. In the admin tab I see the same username for every user?!

Here is the configuration that works for user id's.

Code: Select all

principal.ldap.user.attribute = sAMAccountName	  
principal.ldap.user.search.base = ou=MMTOpenUsers,dc=mmtopen,dc=de	  
principal.ldap.user.search.filter = (&(objectClass=person)(memberOf=cn=OpenKMAllUsers,cn=Users,dc=mmtopen,dc=de))	  
principal.ldap.username.attribute = cn	  
principal.ldap.username.search.base = ou=MMTOpenUsers,dc=mmtopen,dc=de	  
principal.ldap.username.search.filter = (&(objectClass=person)(memberOf=cn=OpenKMAllUsers,cn=Users,dc=mmtopen,dc=de))

Do you have any hint?

[jllort]

The error is here principal.ldap.username.search.filter = (&(objectClass=person)(memberOf=cn=OpenKMAllUsers,cn=Users,dc=mmtopen,dc=de)) you're not filtering by user should be something like (&(objectClass=person)(memberOf=cn=OpenKMAllUsers,cn=Users,dc=mmtopen,dc=de)(sAMAccountName={0})) here you're filtering by user id

I suggest you make you execute your queries with apache ldap studio and you will understand better the purpose of each one, with your first version you get all usersname with second get only one filtered by id

[Catscratch]

Thanks for your reply.

I changed it, an now I can see the user names in the administrator tab. But now there is another problem. In the workspace tab in security I now the the username instead of the user id. But I see the same username for all users.

E.g. before (in the security tab, on a folder):
userId1
userId2
userId3

And now:
firstname5 lastname5
firstname5 lastname5
firstname5 lastname5
firstname5 lastname5

In administrator tab I see:
userId1 = firstname1 lastname1
userId2 = firstname2 lastname2
...

Thanks for your advice.

[jllort]

If problem is corrected on administration should be corrected in UI too, after changing it should refresh browser because has old data. Let me know if after refreshing - and in administration values are right - problem persist ?

[Catscratch]

Thanks! It's working. Indeed it was a caching problem. Sorry.