Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-39554

LDAP - Groups Not Imported From Base DN (Windows Server 2008)


    • Type: Regression Bug
    • Status: Closed
    • Resolution: No Longer Reproducible
    • Affects Version/s: 6.2.0 CE B2
    • Fix Version/s: 7.0.0 Beta 3
    • Environment:
      Tomcat 7 + MySQL 5. Portal 6.2.x GIT ID: 597e90da15b6a47bc6cdf2ec0b57ab89f43340f6 .
    • Fix Priority:


      1. Setup an Active Directory Server in a Windows Server 2008 machine
      2. Create a Base DN groups and users
      3. Assign some user(s) to a group(s)
      4. In another machine have an instance of portal ready to start (to import the users and groups)
      5. Start Portal attempt to import the users and groups using LDAP (going to Control Panel > Portal Settings > Authentication > LDAP, add an LDAP server)
      6. Fill out the appropriate forms:
        • Server Name: mydomain
        • Microsoft Active Directory Server: (bubble in)
        • Base Provider URL: ldap://[VM_ip address]:389
        • Base DN: ou=Employees,dc=mydomain,dc=com
        • Principal: mydomain\administrator - Credentials: (your server password)
      7. You may test the LDAP connection (if all is correct, it should say "Liferay has successfully connected to the LDAP server")
      8. Continue to fill out the appropraite forms:
        • Authentication Search Filter: (&(objectCategory=Person)(mail=@email_address@))
        • Import Search Filter: (objectClass=User)
        • UUID:
        • Screen Name: sn
        • Email Address: mail
        • Password: userPassword
        • First Name: givenName
        • Middle Name:
        • Last Name: sn
        • Full Name: cn
        • Job Title:
        • Status:
        • Group:
      9. You may test the LDAP users (if all is correct, it should list the users and their information)
      10. Continue to fill out the appropriate forms:
        • Import Search Filter: (objectClass=group)
        • Group Name: cn
        • Description: description
        • User: member
      11. You may now test the LDAP Groups

      Expected results:
      Test of groups will list the groups in the BaseDN.

      Actual results:
      "No groups were found" message is shown, and on server reset the groups are not ever imported.

      Strange occurences happened, once in awhile on server reset the users also went missing, and were not imported, but that seems to be in an inconsistent basis.


        1. LDAPImport.PNG
          129 kB
          Godestablishedyou Escobedo
        2. LDAPImport2.PNG
          135 kB
          Godestablishedyou Escobedo
        3. LDAPImport3.PNG
          162 kB
          Godestablishedyou Escobedo
        4. LDAPImport4.PNG
          148 kB
          Godestablishedyou Escobedo



            brian.greenwald Brian Greenwald
            godestablishedyou.escobedo Godestablishedyou Escobedo (Inactive)
            Participants of an Issue:
            Recent user:
            Esther Sanz
            0 Vote for this issue
            0 Start watching this issue


              Days since last comment:
              7 years, 14 weeks ago


                Version Package
                7.0.0 Beta 3