留言板
Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Linus Sphinx,修改在11 年前。
Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Junior Member 帖子: 99 加入日期: 10-8-12 最近的帖子
So I finally got a 6.0.6 portal to upgrade successfully to liferay-portal-tomcat-6.1.0-ce-ga1-20120106155615760, but once completed only the super user can log in. All users have to update their passwords before they can authenticate. The import from AD no longer updates them. I point it at another database, lportal created with create-mysql.sql and it starts up cleanly but never, repeat never synchronizes or imports any users from AD, using the exact same configuration that's been importing and updating users faithfully for months in 6.0.6. Should load over 6k names but it just does not happen, no error, no indication of it ever even trying in catalina.out. Have it set to import on startup, just sits there. Any ideas? Checked and all the 6.0.6 are still importing just fine, don't think anything has changed in AD, pretty certain of that.
Linus Sphinx,修改在11 年前。
RE: Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Junior Member 帖子: 99 加入日期: 10-8-12 最近的帖子
Spoke too soon, found one error shutting down, wondering if create-mysql.sql may be broken;
21:32:34,715 ERROR [JDBCExceptionReporter:75] Table 'lportal.WSRP_WSRPConsumerPortlet' doesn't exist
using script in here: liferay-portal-sql-6.1.0-ce-ga1-20120106155615760.zip
how could that go wrong.
21:32:34,715 ERROR [JDBCExceptionReporter:75] Table 'lportal.WSRP_WSRPConsumerPortlet' doesn't exist
using script in here: liferay-portal-sql-6.1.0-ce-ga1-20120106155615760.zip
how could that go wrong.
Hitoshi Ozawa,修改在11 年前。
RE: Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Liferay Legend 帖子: 7942 加入日期: 10-3-24 最近的帖子
That's shouldn't be the cause of the problem. It's just a web service portlet.
Linus Sphinx,修改在11 年前。
RE: Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Junior Member 帖子: 99 加入日期: 10-8-12 最近的帖子
Found and fixed the hash changing, just bad housekeeping on my part, using older database that had not synched for a long time.
Linus Sphinx,修改在11 年前。
RE: Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Junior Member 帖子: 99 加入日期: 10-8-12 最近的帖子
Thank you, it's not importing but it's trying and that's all I ask really. Error message and stacktrace I get every ten minutes, (again, thank you), below. No idea why but at least I have a class and line number, now and that alone makes me want to buy the whole bar a round:
Class names in the stacktrace may point to my settings or properties, mapping maybe, here is my slightly altered portal-ext.properties. Please have a look and see if you can spot my error, I must be doing something really stupid in there, would really appreciate a sanity check on these, thanks.
If I login as superuser, open control panel->portal settings->LDAP it looks ok, doesn't have a default type but otherwise form looks filled in correctly. Click, "Test LDAP Connection", success, no problem, clicking, "Test LDAP Users", gets a list of 20 accounts. So it appears to be chatting away with Active Directory like old friends until it's time to import.
16:39:54,953 ERROR [PortalLDAPImporterImpl:196] Error importing LDAP users and groups
java.lang.NullPointerException
at com.liferay.portal.kernel.io.unsync.UnsyncStringReader.<init>(UnsyncStringReader.java:33)
at com.liferay.portal.kernel.util.PropertiesUtil.load(PropertiesUtil.java:199)
at com.liferay.portal.kernel.util.PropertiesUtil.load(PropertiesUtil.java:192)
at com.liferay.portal.security.ldap.LDAPSettingsUtil.getUserExpandoMappings(LDAPSettingsUtil.java:124)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:169)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:128)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:95)
at com.liferay.portal.security.ldap.PortalLDAPImporterUtil.importFromLDAP(PortalLDAPImporterUtil.java:30)
at com.liferay.portlet.admin.messaging.LDAPImportMessageListener.doReceive(LDAPImportMessageListener.java:28)
at com.liferay.portal.kernel.messaging.BaseMessageListener.receive(BaseMessageListener.java:25)
at sun.reflect.GeneratedMethodAccessor1052.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:54)
at $Proxy278.receive(Unknown Source)
at com.liferay.portal.kernel.scheduler.messaging.SchedulerEventMessageListenerWrapper.receive(SchedulerEventMessageListenerWrapper.java:75)
at com.liferay.portal.kernel.messaging.InvokerMessageListener.receive(InvokerMessageListener.java:65)
at com.liferay.portal.kernel.messaging.ParallelDestination$1.run(ParallelDestination.java:106)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask._runTask(ThreadPoolExecutor.java:669)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask.run(ThreadPoolExecutor.java:580)
at java.lang.Thread.run(Thread.java:662)
</init>Class names in the stacktrace may point to my settings or properties, mapping maybe, here is my slightly altered portal-ext.properties. Please have a look and see if you can spot my error, I must be doing something really stupid in there, would really appreciate a sanity check on these, thanks.
liferay.home=/usr/local/liferay-portal-6.1.0-ce-ga1
setup.wizard.enabled=false
schema.run.enabled=true
schema.run.minimal=false
redirect.url.security.mode=domain-names
redirect.url.domains.allowed=pr.wizz.org,wizz.org,np.wizz.org
redirect.url.ips.allowed=
web.server.http.port=-1
web.server.https.port=-1
web.server.protocol=http
session.timeout=5
session.timeout.auto.extend=true
field.enable.com.liferay.portal.model.Contact.male=false
field.enable.com.liferay.portal.model.Contact.birthday=false
field.enable.com.liferay.portal.model.Organization.status=false
layout.user.private.layouts.enabled=false
layout.user.private.layouts.modifiable=false
layout.user.private.layouts.auto.create=false
layout.user.public.layouts.enabled=true
layout.user.public.layouts.modifiable=true
layout.user.public.layouts.auto.create=false
layout.remember.maximized.window.state=false
layout.user.private.layouts.power.user.required=true
layout.user.public.layouts.power.user.required=true
open.id.auth.enabled=false
terms.of.use.required=false
company.security.send.password.reset.link=false
company.security.send.password=true
company.security.strangers=false
company.security.auth.type=screenName
company.security.auth.requires.https=false
users.reminder.queries.enabled=false
users.reminder.queries.required=false
users.reminder.queries.custom.question.enabled=false
com.liferay.portal.upload.UploadServletRequestImpl.max.size=2147483648
dl.file.max.size=2147483648
dl.file.indexing.max.size=104857600
dl.file.rank.enabled=false
dl.comparable.file.extensions=.css,.doc,.js,.htm,.html,.odt,.rtf,.sxw,.txt,.xml
openoffice.server.enabled=false
openoffice.server.host=127.0.0.1
openoffice.server.port=8100
openoffice.cache.enabled=false
admin.email.from.name=Portal
admin.email.from.address=portal@wizz.org
admin.default.role.names=User
jdbc.default.driverClassName=com.mysql.jdbc.Driver
jdbc.default.url=jdbc:mysql://dbms/lportal?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
jdbc.default.username=dbadmin
jdbc.default.password=assword
jdbc.default.jndi.name=jdbc/LiferayPool
ldap.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.password.policy.enabled=false
ldap.base.provider.url=ldap://actdir.ad.wizz.org:389
ldap.base.dn=OU=UserAccounts,DC=ad,DC=wizz,DC=org
ldap.security.principal=ADMIN
ldap.security.credentials=ASSWORD
ldap.auth.method=bind
ldap.auth.enabled=true
ldap.auth.required=false
ldap.auth.password.encryption.algorithm.types=MD5,SHA
ldap.auth.search.filter=(SAMAccountName=@screen_name@)
ldap.user.default.object.classes=top,Person,inetOrgPerson,organizationalPerson
ldap.user.mappings=screenName=SAMAccountName\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\ngroup=memberOf
ldap.group.mappings=groupName=cn\ndescription=description\nuser=member
ldap.import.enabled=true
ldap.import.on.startup=true
ldap.import.interval=10
ldap.import.method=user
ldap.import.user.search.filter=(&(objectCategory=Person)(SAMAccountName=*))
ldap.import.group.search.filter=(objectCategory=Group)
ldap.export.enabled=false
mail.session.mail.transport.protocol=smtp
mail.session.mail.smtp.auth=false
mail.session.mail.smtp.host=mailhost.wizz.org
mail.session.mail.smtp.password=
mail.session.mail.smtp.port=25
mail.session.mail.smtp.user=
jcifs.smb.client.soTimeout=35000
ntlm.auth.enabled=true
ntlm.auth.domain.controller=13.20.17.14
ntlm.auth.domain=WIZZ
auto.login.hooks=com.liferay.portal.security.auth.CASAutoLogin,com.liferay.portal.security.auth.NtlmAutoLogin,com.liferay.portal.security.auth.OpenIdAutoLogin,com.liferay.portal.security.auth.OpenSSOAutoLogin,com.liferay.portal.security.auth.ParameterAutoLogin
If I login as superuser, open control panel->portal settings->LDAP it looks ok, doesn't have a default type but otherwise form looks filled in correctly. Click, "Test LDAP Connection", success, no problem, clicking, "Test LDAP Users", gets a list of 20 accounts. So it appears to be chatting away with Active Directory like old friends until it's time to import.
Linus Sphinx,修改在11 年前。
RE: Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Junior Member 帖子: 99 加入日期: 10-8-12 最近的帖子
Noticed the .0 notation in the default portal.properties from portal-impl.jar so I changed the appropriate ones according to a quick. 'grep '\.0' portal.properties | grep ldap', as below.
Still works fine according to all tests including, 'Test LDAP Groups', yet still no love at import.
Still works fine according to all tests including, 'Test LDAP Groups', yet still no love at import.
ldap.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.password.policy.enabled=false
ldap.auth.method=bind
ldap.auth.enabled=true
ldap.auth.required=false
ldap.auth.password.encryption.algorithm.types=MD5,SHA
ldap.import.enabled=true
ldap.import.on.startup=true
ldap.import.interval=10
ldap.import.method=user
ldap.export.enabled=false
ldap.base.provider.url.0=ldap://actdir.ad.wizz.org:389
ldap.base.dn.0=OU=UserAccounts,DC=ad,DC=wizz,DC=org
ldap.security.principal.0=ADADMIN
ldap.security.credentials.0=ASSWORD
ldap.auth.search.filter.0=(SAMAccountName=@screen_name@)
ldap.user.default.object.classes.0=top,Person,inetOrgPerson,organizationalPerson
ldap.user.mappings.0=screenName=SAMAccountName\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\ngroup=memberOf
ldap.group.mappings.0=groupName=cn\ndescription=description\nuser=member
ldap.import.user.search.filter.0=(&(objectCategory=Person)(SAMAccountName=*))
ldap.import.group.search.filter.0=(objectCategory=Group)
Linus Sphinx,修改在11 年前。
RE: Can't Auth After 6.0.6 to 6.1.0 And Import User Never Trys
Junior Member 帖子: 99 加入日期: 10-8-12 最近的帖子
I follow the stack trace, haven' t followed it far enough but I step through about the fourth line and see it fail in
LDAPSettingsUtil [line: 121] - getUserExpandoMappings(long, long)
where it tries to load ldap.user.custom.mappings.0 which doesn't exist since I didn't create one and it's completely commented out in portal-impl!portal.properties with no empty one in there to load.
with a companyId of 1 and a postfix of ".0" and throws the exception seen.
LDAPSettingsUtil [line: 121] - getUserExpandoMappings(long, long)
where it tries to load ldap.user.custom.mappings.0 which doesn't exist since I didn't create one and it's completely commented out in portal-impl!portal.properties with no empty one in there to load.
Properties userExpandoMappings = PropertiesUtil.load( PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_USER_CUSTOM_MAPPINGS + postfix));
with a companyId of 1 and a postfix of ".0" and throws the exception seen.
#
# When importing and exporting users, the portal will use this mapping to
# connect LDAP user attributes and portal user's custom attributes.
#
#ldap.user.custom.mappings.0=