Open Source Document Management System | OpenKM

I have OpenKM 4.0 using LDAP against an Active Directory. User validation and roles retrieval from AD is working fine.
The problem is with the mail configured in AD.
When doing an action (as lock) that triggers an email, I see in the log that the LDAP query is done using the users CN. However the data being used is the users sAMAccountName (the one used to login).
I tried setting the principal.ldap.mail.search.filter in OpenKM.conf with no luck. Is it possible to configure this?

Thanks
Fabio

Log error:

11:28:25,664 ERROR [STDERR] javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, proble
m 2001 (NO_OBJECT), data 0, best match of:
'CN=Users,DC=oficina,DC=domain,DC=com,DC=ar'
^@]; remaining name 'cn=fabios,CN=Users,DC=oficina,DC=qbit,DC=com,DC=ar'

OpenKM.conf:

principal.ldap.mail.search.base=cn={0},CN=Users,DC=oficina,DC=qbit,DC=com,DC=ar
principal.ldap.mail.search.filter=(objectClass=person)
principal.ldap.mail.atribute=mail

in forum there's a full example of windows ldap configuration, take a look here

Thanks for the reply.
I used that post to configure LDAP and it's working fine for users and roles. The problem is with mails. Its using the wrong attribute.

I tried changing the OpenKM.conf from

principal.ldap.mail.search.base=cn={0},CN=Users,DC=oficina,DC=qbit,DC=com,DC=ar
principal.ldap.mail.search.filter=(objectClass=person)

to

principal.ldap.mail.search.base=CN=Users,DC=oficina,DC=qbit,DC=com,DC=ar
principal.ldap.mail.search.filter=(&(objectClass=person)(sAMAccountName=fabios))

and it worked fine, but I hardcoded the user name.
I tried sAMAccountName={0} but it didn´t worked. Is it possible to use {0} there?

thanks
Fabio

Is there any update on this issue. I am having the exact same problem. I have not been able to determine the proper search filter.

The use of {0} in this case is not implemented in OpenKM 4.1, but could be included in OpenKM 5.0 if you help me to understand the problem. If you need this issue fixed in OpenKM 4.1, please contact us at http://www.openkm.com/Contact/.

I am trying to get users e-mail address from Active Directory. I have followed the instructions from the Wiki with no success. When triggering e-mail notifications

I am getting error:

javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'CN=Users,DC=mydomain,DC=net'
]; remaining name 'CN=first.last,CN=Users,DC=mydomain,DC=net'


OpenKm looks to be passing sAMAccountName instead of the CN for the user.


My OpenKM.cfg

#Active Directory Intergration
principal.adapter=es.git.openkm.principal.LdapPrincipalAdapter
principal.ldap.server=ldap://corp-tbg01
principal.ldap.security.principal=cn=Administrator,cn=Users,DC=mydomain,dc=net
principal.ldap.security.credentials=password
principal.ldap.user.search.base=cn=Users,dc=mydomain,dc=net
principal.ldap.user.search.filter=(&(objectclass=person)(memberOf=CN=UserRole,CN=Users,DC=mydomain,DC=net))
principal.ldap.user.atribute=cn
principal.ldap.role.search.base=cn=users,dc=mydomain,dc=net
principal.ldap.role.search.filter=(&(objectclass=group)(memberOf=CN=OpenKM,CN=Users,DC=mydomain,DC=net))
principal.ldap.role.atribute=cn
principal.ldap.mail.search.base=CN={0},CN=Users,DC=mydomain,DC=net
principal.ldap.mail.search.filter=(objectclass=person)
principal.ldap.mail.atribute=mail
system.login.lowercase=on

I would need at least an screenshot of your LDAP structure. Also, if the "LdapPrincipalAdapter" can't handle your LDAP structure, you can always implement your custom "PrincipalAdapter".

Or downloading sourcecode and test our LdapPrincipalAdapter class in order to localize the error

I have sent a snapshot of my AD structure via PM.

Thanks,

-Dan

Is there a way I can set the e-mail address for users without using Active Directory?

Only creating a new PrincipalAdapter class, that means compiling source code. But I think it's better downloading source code and make minimal test.java class in order to take a look what happens with default class LdapPrincipalAdapter in your environment.