Forums de discussion

  1. Accueil
  2. Development
  3. Configure Liferay 6.1 with ldpad without importing users

Configure Liferay 6.1 with ldpad without importing users

Guillermo Pacheco, modifié il y a 11 années.

Configure Liferay 6.1 with ldpad without importing users

New Member Publications: 3 Date d'inscription: 11/04/12 Publications récentes
Hi to everyone.

We have a Liferay Portal Community Edition 6.1.0 CE in production and we want the authentication working with openLDAP. Our goal is to configure the portal authentication with ldap so it reads user and password form ldap, not the user and password stored in the portal. At first place we imported users from ldap, so they are in Liferay database, and authentication works fine, but when we disable all users (except Admin user) in the portal interface, nobody can login.
The configuration with ldap server seems to be fine and the configuration testing says its ok. The importation works fine, so the comunication with the ldap server is ok. Only we dont want that athentication be through Portal stored users, but ldap directly. I've been searching on the internet but I can find nothing useful about this matter, and seems most of people work importing users.
Here are a few pics of our configuration.

Thank you.

Pièces jointes:

thumbnail
David H Nebinger, modifié il y a 11 années.

RE: Configure Liferay 6.1 with ldpad without importing users

Liferay Legend Publications: 14919 Date d'inscription: 02/09/06 Publications récentes
Users must be valid in the Liferay database. Only when they are valid and can log in is LDAP checked to ensure the credentials are correct.

If you disable the user in LDAP, when the sync occurs that should also pull in and disable the user on the Liferay side.

If you are going to defer to LDAP for your user management, you should not be making any changes on the Liferay side unless you've enabled the LDAP export.
Guillermo Pacheco, modifié il y a 11 années.

RE: Configure Liferay 6.1 with ldpad without importing users

New Member Publications: 3 Date d'inscription: 11/04/12 Publications récentes
Sorry for the delay in my answer. Thank you David, then there's no problem then, because what we feared is that an user deleted from the ldap server could still login in the portal.

Thank you again.
Timur Magzumov, modifié il y a 11 années.

RE: Configure Liferay 6.1 with ldpad without importing users

New Member Publications: 3 Date d'inscription: 12/04/13 Publications récentes
Hi,
1.If I understand it correctly, Liferay will ALWAYS import user from LDAP (if LDAP authentication is enabled and required), right?
2. If so, what would be the benefit of using LDAP if the users are checked in LDAP, but copied to the Liferay Database?

I tried changing password on LDAP server, the user could still log into Liferay with OLD password.
After the user logs into Liferay with the new password, then the OLD password login fails.
I suppose Liferay first checks its own database, and if it fails, then LDAP server is checked (with password update if necessary).

Thanks emoticon