Foren

  1. Startseite
  2. Development
  3. Password Synchronization Issue with AD and LDAP

Password Synchronization Issue with AD and LDAP

Payal Gandhi, geändert vor 15 Jahren.

Password Synchronization Issue with AD and LDAP

New Member Beitrag: 1 Beitrittsdatum: 27.03.09 Neueste Beiträge
Hello,

We have configured Liferay to use LDAP Authentication with AD. We have a problem when a user changes their password in AD only the old password works to login to liferay.

Can someone please with this. FYI we are on the 4.3.2 version of liferay. Was this a bug and been fixed in the newer releases?

Thanks
PG
Patrice Laramee, geändert vor 13 Jahren.

RE: Password Synchronization Issue with AD and LDAP

New Member Beiträge: 4 Beitrittsdatum: 25.01.11 Neueste Beiträge
Hi,

I'm using liferay 6.0.6 with NTLM and LDAP for the authentication. I'm experiencing the same issue. If a password is changed on Active Directory the following will occur:

1- The user will be allowed to login with NTLM on the Portal
2- If the user tries to mount the webdav share, it will fail. If the user use his previous password. It will work.

I believe that's is a major concern since good practices recommend to change a password every XX days... I also believe that it's a default setting (GPO) in Active Directory to ask the user to change his password. If we setup a SSO, the last thing we want to do is ask the users to sync their passwords manually.

Anyone know the mechanic behind the LDAP integration?

I noticed that if you don't check 'Import' for the LDAP settings. The groups will not be sync.

-Pat
thumbnail
Mika Koivisto, geändert vor 12 Jahren.

RE: Password Synchronization Issue with AD and LDAP

Liferay Legend Beiträge: 1519 Beitrittsdatum: 07.08.06 Neueste Beiträge
I think the problem is that the portal does not know the password of the user when using SSO like NTLM. If you use normal Liferay login agains LDAP it would get the password used to authenticate agains the LDAP server and then update that to Liferays database.
Yann Lortie, geändert vor 12 Jahren.

RE: Password Synchronization Issue with AD and LDAP

New Member Beiträge: 4 Beitrittsdatum: 10.01.12 Neueste Beiträge
I also noticed a few issues...

I want to synchronize (with LDAP):
1) any User fields like Title
2) any User deletion
Could be done once a week, or on request.

Also, adding other fields like phone number and many others fields from the LDAP. Right now, I am considering writing a hook or an ext.
Do anybody knows if Liferay team will improve the LDAP sync ??
Thanks