Daily Log for #alfresco IRC Channel

Alfresco discussion and collaboration. Stick around a few hours after asking a question.

Official support for Enterprise subscribers: support.alfresco.com.

Joining the Channel:

Join in the conversation by getting an IRC client and connecting to #alfresco at Freenode. Our you can use the IRC web chat.

More information about the channel is in the wiki.

Getting Help

More help is available in this list of resources.

Daily Log for #alfresco

2017-05-27 10:26:17 GMT <Fiifi> Hi AFaust:

2017-05-27 10:27:53 GMT <Fiifi> I am looking for a comprehensive doc on SSO setup with Active directory

2017-05-27 10:29:11 GMT <AFaust> So... like docs.alfresco.com?

2017-05-27 10:29:49 GMT <AFaust> http://docs.alfresco.com/5.2/tasks/adminconsole-directorymgt-ad.html

2017-05-27 10:29:50 GMT <alfbot> Title: Configuring LDAP (Active Directory) | Alfresco Documentation (at docs.alfresco.com)

2017-05-27 10:30:07 GMT <Fiifi> I have tried alfresco docs but am not able to accomplish SSO

2017-05-27 10:32:26 GMT <Fiifi> Successfull in using LDAP-AD for syncronisation and authentication .....but getting CIFS authentication and SSO to work is a headache for me

2017-05-27 10:33:28 GMT <Fiifi> I intend to create a blog about SSO if I am successful!

2017-05-27 11:13:54 GMT <AFaust> I think there are already sufficient blogs and documentation out there. Often when my customers have issues setting up SSO, it soon becomes apparent that they were simply not following the instructions properly and missed something / did something incorrect

2017-05-27 14:16:37 GMT <Fiifi> AFaust: Can u recommend me a great blog on sso with AD?

2017-05-27 14:40:15 GMT <AFaust> I can't recommend "a great blog" because most of the blogs are typically someones attempt to document what has been done without verifying if it was the right thing to do in the first place...

2017-05-27 14:40:46 GMT <AFaust> What kind of SSO technology do you want to use? Kerberos or NTLM?

2017-05-27 14:43:19 GMT <AFaust> For Kerberos there is a blog post by dbi (though it only deals with MIT Kerberos, not AD Kerberos - there are some differences but most of them on the AD side, not relating to how Alfresco needs to be configured): https://blog.dbi-services.com/configure-a-kerberos-client-and-alfresco-as-a-kerberized-application/

2017-05-27 14:43:23 GMT <alfbot> Title: Configure a Kerberos Client and Alfresco as a Kerberized application - Blog dbi services (at blog.dbi-services.com)

2017-05-27 14:44:07 GMT <AFaust> For NTLM SSO there is one from aegif: http://labo-blog.aegif.jp/2013/10/ntlm-sso-with-alfresco-42-and-active.html

2017-05-27 14:44:08 GMT <alfbot> Title: aegif Labo Blog: NTLM SSO with Alfresco 4.2 and Active Directory (at labo-blog.aegif.jp)

2017-05-27 14:46:47 GMT <Fiifi_> AFaust: I want NTLM

2017-05-27 14:47:20 GMT <AFaust> Be aware though that NTLM is insecure at this point and no longer recommended by Microsoft. Kerberos is the standard nowadays

2017-05-27 14:47:40 GMT <Fiifi_> NTLMv2 is more secure

2017-05-27 14:48:31 GMT <AFaust> You cannot use NTLMv2 with AD

2017-05-27 14:48:54 GMT <AFaust> (when using Alfresco)

2017-05-27 14:49:03 GMT <Fiifi_> I Know ! It gets used through v1

2017-05-27 14:50:14 GMT <AFaust> Ehm... nope

2017-05-27 14:51:58 GMT <AFaust> Forget my last - I misunderstood your last statement to mean "NTLMv2 is used through v1", but you meant "Alfresco SSO against AD is used through v1"

2017-05-27 22:57:20 GMT <fwu> hi all!

End of Daily Log

The other logs are at http://esplins.org/hash_alfresco