active-directory - Alfresco - 为 Active Directory 配置 2 个 groupSearchBases

问题描述

如何为 Alfresco 配置 2 个 groupSearchBases？

现在我的 global.properties 中有这个属性：

ldap.synchronization.groupSearchBase=CN\=Alfresco users,OU\=Users,OU\=AWE,DC\=main,DC\=awe

但我需要用路径配置第二个搜索库

CN=Alfresco 用户,OU=Labs,OU=AWE,DC=main,DC=awe

. 我尝试的是使用OR语句配置属性，如下所示：

ldap.synchronization.groupSearchBase=(|(CN\=Alfresco users,OU\=Users,OU\=AWE,DC\=main,DC\=awe)(CN\=Alfresco users,OU\=Labs,OU\=AWE,DC\=main,DC\=awe))

这个设置给了我一个错误：

00:30:07,147 ERROR [org.alfresco.repo.security.sync.ChainingUserRegistrySynchronizer] Synchronization aborted due to error
org.alfresco.error.AlfrescoRuntimeException: 02290000 Error during LDAP Search. Reason: null
...
Caused by: javax.naming.PartialResultException [Root exception is javax.naming.NamingException: LDAP response read timed out, timeout used:5000ms. [Root exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC\=main,DC\=awe']; remaining name '']
...
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:5000ms. [Root exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC\=main,DC\=awe']; remaining name ''
...
Caused by: com.sun.jndi.ldap.LdapReferralException: Continuation Reference; remaining name 'DC\=main,DC\=awe'

我还最小化了 searchBase 路径以包含这样的两个目录：

ldap.synchronization.groupSearchBase=CN\=Alfresco users,OU\=AWE,DC\=main,DC\=awe

但这也给了我一个错误：

    org.alfresco.error.AlfrescoRuntimeException: 02310000 Error during LDAP Search. Reason: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: 'OU=AWE,DC=main,DC=awe'
...
    Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of:'OU=AWE,DC=main,DC=awe'

我做错了什么以及如何在露天搜索两个 groupSearchBases （如果可能的话，最简单的方法）。提前致谢。

标签： active-directoryldapalfresco