Hello,
I've installed Alfresco 5.0.d and want to use LDAP authentication for users that I create manually in Alfresco - as I do not have the possibility to use LDAP groups or any other filter method on the LDAP server.
So I want to create a specific user, enter the LDAP login (+ a random password) and then the user can log in to Alfresco via LDAP credentials.
I have configured this setup (sort of...) via the settings below, but the following problem occurs:
Whenever a user logs in who does NOT have an Alfresco user (i.e. who I did not create manually), Alfresco creates this user by itself and the user can log in.
Using some magic debug statements, I got the following output in catalina.out when such a user logs in:
[authentication.ldap.LDAPAuthenticationComponentImpl][...] Authenticating user "<userid>"
[authentication.ldap.LDAPAuthenticationComponentImpl][...] User "<userid>" does not exist in Alfresco. Attempting to import/ create the user.
[authentication.ldap.LDAPAuthenticationComponentImpl][...] Setting the current user to "<userid>"
[authentication.ldap.LDAPAuthenticationComponentImpl][...] User "<userid>" authenticated successfully
That is NOT what I want!
How can I achieve my goal? What settings did I miss?
My configuration in alfresco-global.properties:
authentication.chain=ldap1:ldap,alfrescoNtlm1:alfrescoNtlm
alfresco.authentication.allowGuestLogin=false
ntlm.authentication.sso.enabled=false
ntlm.authentication.allowGuestLogin=false
ntlm.authentication.mapUnknownUserToGuest=false
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.java.naming.read.timeout=30000
ldap.authentication.userNameFormat=uid=%s,ou=people,o=xxxxxn,c=DE
ldap.authentication.escapeCommasInBind=true
ldap.authentication.java.naming.provider.url=ldaps://our.ldap.server:636
ldap.authentication.java.naming.security.protocol=ssl
ldap.authentication.truststore.path=/opt/alfresco/alf_data/keystore/ldap/ldap-keystore
ldap.authentication.truststore.passphrase=our-password
ldap.authentication.truststore.type=JKS
ldap.synchronization.active=false
# out of despair, I added these settings, which do not seem to help:
ldap.synchronization.syncWhenMissingPeopleLogIn=false
ldap.synchronization.autoCreatePeopleOnLogin=false
Thank you!
Kind regards
Anna Christina Naß