Online demo
Download
Contact

Because information matters

  • Help Me to Config AD (Openkm 6.3)

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
It is currently Sun Apr 19, 2026 3:19 pm

Help Me to Config AD (Openkm 6.3)

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

Help Me to Config AD (Openkm 6.3)

 #30405  by tbalaji
 
Hi i am new to openkm and AD.

i tried to config Openkm with AD. i tested all config from google. but i can't login for all user. only perticular OU user can able to login.

In AD msDS-AllUsersTrustQuota set as 1000.

AD Structure:

OU=xxxx1,DC=yyyyy,DC=com
OU=xxxx2,DC=yyyyy,DC=com
OU=xxxx3,DC=yyyyy,DC=com
OU=xxxx4,DC=yyyyy,DC=com
OU=xxxx5,DC=yyyyy,DC=com

Here is my Openkm.xml
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:security="http://www.springframework.org/schema/security"
             xmlns:task="http://www.springframework.org/schema/task"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                                 http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                                 http://www.springframework.org/schema/security
                                 http://www.springframework.org/schema/security/spring-security-3.1.xsd
                                 http://www.springframework.org/schema/task
                                 http://www.springframework.org/schema/task/spring-task-3.1.xsd">
  
  <!-- Security configuration -->

<security:authentication-manager alias="authenticationManager">
  <security:authentication-provider ref="ldapAuthProvider" />
</security:authentication-manager>
 
<beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
  <beans:constructor-arg value="ldap://{AD-IP}:389"/>
  <beans:property name="userDn" value="CN=username,OU=zzzz1,OU=xxxx1,dc=yyyy,dc=com"/>
  <beans:property name="password" value="pass"/>
  <beans:property name="baseEnvironmentProperties">
      <beans:map>
        <beans:entry>
          <beans:key>
            <beans:value>java.naming.referral</beans:value>
          </beans:key>
          <beans:value>follow</beans:value>
        </beans:entry>
      </beans:map>
    </beans:property>
  </beans:bean>
 
<beans:bean id="ldapAuthProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:property name="userSearch" ref="userSearch"/>
    </beans:bean>
  </beans:constructor-arg>
  <beans:constructor-arg>
    <beans:bean class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
      <beans:constructor-arg ref="contextSource"/>
      <beans:constructor-arg value="OU=xxxx1,DC=yyyy,DC=com"/>
      <beans:property name="groupSearchFilter" value="member={0}"/>
      <beans:property name="groupRoleAttribute" value="sAMAccountName"/>
      <beans:property name="searchSubtree" value="true" />
      <beans:property name="convertToUpperCase" value="true" />
      <beans:property name="rolePrefix" value="" /> 
    </beans:bean>
  </beans:constructor-arg>
</beans:bean>
 
<beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <beans:constructor-arg index="0" value="DC=yyyy,DC=com"/>
  <beans:constructor-arg index="1" value="cn={0}" />
  <beans:constructor-arg index="2" ref="contextSource" />
  <beans:property name="searchSubtree" value="true" />
  </beans:bean>

</beans:beans>
Only xxxx1 OU user able to login :(

if i search in DC=yyyy,DC=com i am getting only 1000 users.

pls help me to get all user from DC=yyyy, DC=com

Re: Help Me to Config AD (Openkm 6.3)

 #30416  by jllort
 
Before starting with OpenKM.xml ( authentication ) I suggest you configure Administration / configuration ldap parameteres ( to see user and roles list in administration) did you get it ?
 Reply
 Return to “Configuration”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -