Online demo
Download
Contact

Because information matters

  • How to configure LDAP in openkm-6.2.0-community?

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
It is currently Sun Apr 19, 2026 6:06 pm

How to configure LDAP in openkm-6.2.0-community?

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

How to configure LDAP in openkm-6.2.0-community?

 #18658  by i.zemliansky
 
Hello to everyone.

As soon as new community release moved to the production I would like to touch the topic of configuring LDAP in this newest app. As I can see the folder structure slightly changed in comparison to the v.5.1.0 and, for example, I can not find login-config.xml file. Am I right that all the necessary configuration is done via Administration -> Configuration menu?

Thank you in advance.

Re: How to configure LDAP in openkm-6.2.0-community?

 #18903  by ashley_420
 
Hi,

I am struggling with the same from couple of days, but could not get it working. I have tried the configurations given in the wiki here http://wiki.openkm.com/index.php/Active ... egration_2.

I can see users and groups populated in the administration view. I have created ROLE_ADMIN and ROLE_USER group in AD and assigned users to it. However, i still can not:-

1. Login using my AD username and password.
2. Can not assign any role to a user.

I enabled debugging also and found the following
Code: Select all
2012-10-26 14:57:30,063 [http-bio-0.0.0.0-80-exec-4] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
	'DC=DOMAIN,DC=local'
 ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
	'DC=DOMAIN,DC=local'
 ]; remaining name 'dc=DOMAIN,dc=local'
2012-10-26 14:57:30,063 [http-bio-0.0.0.0-80-exec-4] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Updated SecurityContextHolder to contain null Authentication
2012-10-26 14:57:30,063 [http-bio-0.0.0.0-80-exec-4] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Delegating to authentication failure handlerorg.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@9a4d14
2012-10-26 14:57:30,063 [http-bio-0.0.0.0-80-exec-4] DEBUG org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler - Redirecting to /login.jsp?error=1
2012-10-26 14:57:30,063 [http-bio-0.0.0.0-80-exec-4] DEBUG org.springframework.security.web.DefaultRedirectStrategy - Redirecting to '/OpenKM/login.jsp?error=1'
I am not sure what I am missing and how to fix it. Any help would be highly appreciated.

Thanks in advance.

Re: How to configure LDAP in openkm-6.2.0-community?

 #18919  by jllort
 
Post here your ldap structure and the OpenKM.xml file you're using. I suppose you have created ROLE_USER and ROLE_ADMIN ( uppercase in your ldap ) and assigned to users ( created okmAdmin too ). Tell us if you're on active directory, openldap or other..

Re: How to configure LDAP in openkm-6.2.0-community?

 #18928  by ashley_420
 
Hi,

We are using Windows 2003 Active Directory and our AD Structure is as below:-
Code: Select all
Our user accounts are distributed under deifferent nodes as below:
       For example:
	CN=USER1,OU=DEPARTMENT1,OU=COUNTRY1,DC=DOMAIN,DC=local  
	CN=USER2,OU=DEPARTMENT2,OU=COUNTRY2,DC=DOMAIN,DC=local
	CN=USER3,OU=DEPARTMENT3,OU=COUNTRY3,DC=DOMAIN,DC=local         

    All AD groups are are also distributed under deifferent nodes as below:
       For example:
       OU=Group1,OU=DOMAIN_Groups1,DC=DOMAIN,DC=local
       OU=Group2,OU=DOMAIN_Groups2,DC=DOMAIN,DC=local
       OU=Group3,OU=DOMAIN_Groups3,DC=DOMAIN,DC=local
However, based on configuration example and to make things easier first time, ROLE_ADMIN, ROLE_USER groups and okmAdmin user is created under default "users" container as below
Code: Select all
CN=ROLE_ADMIN,CN=Users,DC=DOMAIN,DC=local
CN=ROLE_USER,CN=Users,DC=DOMAIN,DC=local
CN=okm Admin,CN=Users,DC=DOMAIN,DC=local
My OpenKM.XML file is as below:-
Code: Select all
<security:authentication-manager alias="authenticationManager">
  <security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
 
<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <beans:constructor-arg value="ldap://192.168.1.2:389/dc=domain,dc=local"/>
  <beans:property name="userDn" value="CN=binduser,OU=Bind Accounts,dc=domain,dc=local"/>
  <beans:property name="password" value="binduserpassword"/>
  </beans:bean>
 
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:property name="userSearch" ref="userSearch"/>
    </beans:bean>
  </beans:constructor-arg>
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:constructor-arg value="objectclass=group"/>
      <beans:property name="groupSearchFilter" value="memberOf={1}"/>
      <beans:property name="groupRoleAttribute" value="cn"/>
      <beans:property name="searchSubtree" value="true" />
      <beans:property name="convertToUpperCase" value="false" />
      <beans:property name="rolePrefix" value="" /> 
    </beans:bean>
  </beans:constructor-arg>
</beans:bean>
 
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <beans:constructor-arg index="0" value="" />
  <beans:constructor-arg index="1" value="sAMAccountName={0}" />
  <beans:constructor-arg index="2" ref="contextSource" />
  <beans:property name="searchSubtree" value="true" />
  </beans:bean>
Thanks in advance.

Re: How to configure LDAP in openkm-6.2.0-community?

 #18948  by jllort
 
I suggest remove dc=domain,dc=local with acitive directory installations I get some problems on get it here:
Code: Select all
<beans:constructor-arg value="ldap://192.168.1.2:389"/>
About it:
Code: Select all
<beans:constructor-arg value="objectclass=group"/>
<beans:property name="groupSearchFilter" value="memberOf={1}"/>
Replace to:
Code: Select all
<beans:constructor-arg value="[b]dc=domain,dc=local[/b]"/>
<beans:property name="groupSearchFilter" value="member={0}"/>
And it:
Code: Select all
 <beans:constructor-arg index="0" value="" />
  <beans:constructor-arg index="1" value="sAMAccountName={0}" />
Replace to:
Code: Select all
 <beans:constructor-arg index="0" value="[b]dc=domain,dc=local[/b]" />
  <beans:constructor-arg index="1" value="sAMAccountName={0}" />
Finally sometimes is necessary add into <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">...</beans:bean>:
Code: Select all
<beans:property name="baseEnvironmentProperties">
      <beans:map>
        <beans:entry>
          <beans:key>
            <beans:value>java.naming.referral</beans:value>
          </beans:key>
          <beans:value>follow</beans:value>
        </beans:entry>
      </beans:map>
    </beans:property>
Note: is strange form the the white space on cn CN=okm Admin,CN=Users,DC=DOMAIN,DC=local hope user sAMAccountName=okmAdmin no ?

Re: How to configure LDAP in openkm-6.2.0-community?

 #18975  by ashley_420
 
Thanks for your suggestions jllort. I followed your suggestions and now I am able to login using the credentials of okmadmin account I created in AD.

CN=okm Admin,CN=Users,DC=DOMAIN,DC=local is DN. Yes, user sAMAccountName=okmAdmin. Below is my working OpenKM.XML
Code: Select all
<security:authentication-manager alias="authenticationManager">
  <security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
 
<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <beans:constructor-arg value="ldap://192.168.1.2:389/"/>
  <beans:property name="userDn" value="CN=binduser,OU=Bind Accounts,dc=domain,dc=local"/>
  <beans:property name="password" value="bindpassword"/>
  <beans:property name="baseEnvironmentProperties">
      <beans:map>
        <beans:entry>
          <beans:key>
            <beans:value>java.naming.referral</beans:value>
          </beans:key>
          <beans:value>follow</beans:value>
        </beans:entry>
      </beans:map>
    </beans:property>
  </beans:bean>
 
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:property name="userSearch" ref="userSearch"/>
    </beans:bean>
  </beans:constructor-arg>
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:constructor-arg value="dc=domain,dc=local"/>
      <beans:property name="groupSearchFilter" value="memberOf={0}"/>
      <beans:property name="groupRoleAttribute" value="cn"/>
      <beans:property name="searchSubtree" value="true" />
      <beans:property name="convertToUpperCase" value="false" />
      <beans:property name="rolePrefix" value="" /> 
    </beans:bean>
  </beans:constructor-arg>
</beans:bean>
 
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <beans:constructor-arg index="0" value="dc=domain,dc=local"/>
  <beans:constructor-arg index="1" value="sAMAccountName={0}" />
  <beans:constructor-arg index="2" ref="contextSource" />
  <beans:property name="searchSubtree" value="true" />
  </beans:bean>
</beans:beans>


However, the ROLE_ADMIN is not applied to user okmadmin. The administration tab has disappeared and I can not make any use of the system as I can not do anything with the system. I see the error "Not granted any authorities" in catalina logs as below:-
Code: Select all
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/mail'; against '/frontend/**'
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /frontend/Mail; Attributes: [IS_AUTHENTICATED_FULLY]
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@f5087569: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@f50802c5: Dn: cn=okm Admin,cn=Users,dc=domain,dc=local; Username: okmadmin; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@ffff8868: RemoteIpAddress: 192.168.1.5; SessionId: 7BF88D33F60A9D5A667872EB89B717F2; Not granted any authorities
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.RoleVoter@12e12fd, returned: 0
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.AuthenticatedVoter@1e0a5c6, returned: 1
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Authorization successful
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2012-10-30 18:11:07,971 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/Mail reached end of additional filter chain; proceeding with original chain
2012-10-30 18:11:07,986 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2012-10-30 18:11:07,986 [http-bio-0.0.0.0-80-exec-14] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2012-10-30 18:11:14,861 [http-bio-0.0.0.0-80-exec-15] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2012-10-30 18:11:14,861 [http-bio-0.0.0.0-80-exec-15] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2012-10-30 18:11:14,893 [http-bio-0.0.0.0-80-exec-7] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2012-10-30 18:11:14,893 [http-bio-0.0.0.0-80-exec-7] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
The settings I used in configuration view are as below:-
Code: Select all
system.login.lowercase=on
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
 
principal.ldap.server=ldap://192.168.1.2
principal.ldap.security.principal=CN=Binduser,cn=Bind Accounts,dc=DOMAIN,dc=local
principal.ldap.security.credentials=bindpassword
 
principal.ldap.user.search.base=dc=DOMAIN,dc=local
principal.ldap.user.search.filter=(objectclass=person)
principal.ldap.user.attribute=sAMAccountName
 
principal.ldap.role.search.base=dc=DOMAIN,dc=local
principal.ldap.role.search.filter=(objectclass=group)
principal.ldap.role.attribute=cn
 
principal.ldap.mail.search.base=dc=DOMAIN,dc=local
principal.ldap.mail.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.mail.attribute=mail
 
principal.ldap.username.search.base=dc=DOMAIN,dc=local
principal.ldap.username.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.username.attribute=cn
 
principal.ldap.users.by.role.search.base=dc=DOMAIN,dc=local
principal.ldap.users.by.role.search.filter=(&(objectClass=group)(cn={0}))
principal.ldap.users.by.role.attribute=member
 
principal.ldap.roles.by.user.search.base=dc=DOMAIN,dc=local
principal.ldap.roles.by.user.search.filter=(&(objectClass=person)(sAMAccountName={0}))
principal.ldap.roles.by.user.attribute=memberOf
Any suggestions to get this working are highly appreciated. Thanks in advance.

Re: How to configure LDAP in openkm-6.2.0-community?

 #18994  by ashley_420
 
Hi,

I worked a little on it and changed this
Code: Select all
<beans:property name="groupSearchFilter" value="memberOf={0}"/>
to this
Code: Select all
<beans:property name="groupSearchFilter" value="(objectClass=group)"/>
Now all users can login and everyone is an Administrator to OpenKM. I am not sure what I am missing or doing wrong here.

Re: How to configure LDAP in openkm-6.2.0-community?

 #19030  by jllort
 
You should continue working with OpenKM.xml file the problem is on getting users by roles.
With actual (objectClass=group) you are setting all roles to any user really you want to select only roles which have the user ( for it should be used memberOf or member ).

Read it: http://static.springsource.org/spring-s ... lator.html

And if you want you can enable debug of org.springframework.security packate. Take a look here http://wiki.openkm.com/index.php/Debug_with_tomcat

Re: How to configure LDAP in openkm-6.2.0-community?

 #19058  by gimla
 
Hi
I have a little problem with administrator accounts. I can log in, and can see a administrator bookmark, but when I click on it, I get page with text: "Unauthorized access".
When I use standard log in without LDAP, I can see(from LDAP) users, roles - > everything looks alright.

I will be glad for any help.

Ldap config:
Code: Select all
principal.ldap.mail.attribute = mail       
principal.ldap.mail.search.base = ou=users,o=cz       
principal.ldap.mail.search.filter = (&(objectClass=inetOrgPerson)(cn={0}))       
principal.ldap.referral = follow       
principal.ldap.role.attribute = cn       
principal.ldap.role.search.base = ou=groups,o=cz       
principal.ldap.role.search.filter = (cn=ZAM_*)       
principal.ldap.roles.by.user.attribute = groupMembership       
principal.ldap.roles.by.user.search.base = ou=users,o=cz       
principal.ldap.roles.by.user.search.filter = (&(objectClass=inetOrgPerson)(cn={0}))       
principal.ldap.security.credentials =       
principal.ldap.security.principal =       
principal.ldap.server = ldaps://ldap.xxx:636       
principal.ldap.user.attribute = cn       
principal.ldap.user.search.base = ou=users,o=cz       
principal.ldap.user.search.filter = (groupMembership=cn=ZAM_xxx,ou=xxx,ou=groups,o=cz)       
principal.ldap.username.attribute = fullName       
principal.ldap.username.search.base = ou=users,o=cz       
principal.ldap.username.search.filter = (&(objectClass=inetOrgPerson)(cn={0}))       
principal.ldap.users.by.role.attribute = member       
principal.ldap.users.by.role.search.base = ou=groups,o=cz       
principal.ldap.users.by.role.search.filter = (&(objectClass=posixGroup)(cn={0}))       
principal.ldap.users.from.roles = false 
system.login.lowercase=true
OpenKM.xml:
Code: Select all
<security:authentication-manager alias="authenticationManager">
  <security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
 
<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <beans:constructor-arg value="ldaps://ldap.xxx:636/"/>
  <beans:property name="userDn" value=""/>
  <beans:property name="password" value=""/>
  <beans:property name="baseEnvironmentProperties">
      <beans:map>
        <beans:entry>
          <beans:key>
            <beans:value>java.naming.referral</beans:value>
          </beans:key>
          <beans:value>follow</beans:value>
        </beans:entry>
      </beans:map>
    </beans:property>
  </beans:bean>
 
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:property name="userSearch" ref="userSearch"/>
    </beans:bean>
  </beans:constructor-arg>
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:constructor-arg value="ou=groups,o=cz"/>
      <beans:property name="groupSearchFilter" value="member={0}"/>
      <beans:property name="groupRoleAttribute" value="cn"/>
      <beans:property name="searchSubtree" value="true" />
      <beans:property name="convertToUpperCase" value="true" />
      <beans:property name="rolePrefix" value="" /> 
    </beans:bean>
  </beans:constructor-arg>
</beans:bean>
 
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <beans:constructor-arg index="0" value="ou=users,o=cz"/>
  <beans:constructor-arg index="1" value="cn={0}" />
  <beans:constructor-arg index="2" ref="contextSource" />
  <beans:property name="searchSubtree" value="true" />
  </beans:bean>

Re: How to configure LDAP in openkm-6.2.0-community?

 #19140  by ashley_420
 
Thanks for the pointers jllort. After making some tweaks to the LDAP configuration, it is working exactly as I wanted. Here is my working OpenKM.XML
Code: Select all
<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <beans:constructor-arg value="ldap://192.168.1.2/"/>
  <beans:property name="userDn" value="CN=binduser,OU=Bind Accounts,dc=DOMAIN,dc=local"/>
  <beans:property name="password" value="bindpassword"/>
  <beans:property name="baseEnvironmentProperties">
      <beans:map>
        <beans:entry>
          <beans:key>
            <beans:value>java.naming.referral</beans:value>
          </beans:key>
          <beans:value>follow</beans:value>
        </beans:entry>
      </beans:map>
    </beans:property>
  </beans:bean>
 
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:property name="userSearch" ref="userSearch"/>
    </beans:bean>
  </beans:constructor-arg>
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:constructor-arg value="DC=DOMAIN,DC=local"/>
      <beans:property name="groupSearchFilter" value="member={0}"/>
      <beans:property name="groupRoleAttribute" value="cn"/>
      <beans:property name="searchSubtree" value="true" />
      <beans:property name="convertToUpperCase" value="false"/>
      <beans:property name="rolePrefix" value=""/> 
	</beans:bean>
  </beans:constructor-arg>
</beans:bean>
 
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <beans:constructor-arg index="0" value="dc=DOMAIN,dc=local"/>
  <beans:constructor-arg index="1" value="sAMAccountName={0}" />
  <beans:constructor-arg index="2" ref="contextSource" />
  <beans:property name="searchSubtree" value="true" />
  </beans:bean>
LDAP configuration:-
Code: Select all
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
principal.database.filter.inactive.users= true
principal.ldap.mail.attribute=mail
principal.ldap.mail.search.base=dc=DOMAIN,dc=local
principal.ldap.mail.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.referral=follow
principal.ldap.role.attribute=cn
principal.ldap.role.search.base=dc=DOMAIN,dc=local
principal.ldap.role.search.filter=(cn=ROLE_*)
principal.ldap.roles.by.user.attribute=memberOf
principal.ldap.roles.by.user.search.base=dc=DOMAIN,dc=local
principal.ldap.roles.by.user.search.filter=(&(objectClass=person)(sAMAccountName={0}))
principal.ldap.security.credentials=bindpassword
principal.ldap.security.principal=CN=binduser,OU=Bind Accounts,dc=DOMAIN,dc=local
principal.ldap.server=ldap://192.168.1.2
principal.ldap.user.attribute=sAMAccountName
principal.ldap.user.search.base=dc=DOMAIN,dc=local
principal.ldap.user.search.filter=(&(objectClass=user)(objectCategory=person))
principal.ldap.username.attribute=cn
principal.ldap.username.search.base=dc=DOMAIN,dc=local
principal.ldap.username.search.filter=(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.users.by.role.attribute=member
principal.ldap.users.by.role.search.base=dc=DOMAIN,dc=local
principal.ldap.users.by.role.search.filter=(&(objectClass=group)(cn={0}))
principal.ldap.users.from.roles=false
system.login.lowercase=true
Thanks for your help.

Re: How to configure LDAP in openkm-6.2.0-community?

 #19170  by jllort
 
gimla add other post for your problem, do not merge all here please, because in this post the ldap was active directory and yours seems open ldap.
 Reply
 Return to “Configuration”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -