Import 在Liferay 6.1中从LDAP导入用户和用户组

Import 在Liferay 6.1中从LDAP导入用户和用户组,import,ldap,liferay,Import,Ldap,Liferay,我正在尝试将LDAP用户和组导入Liferay 6.1 遵循portal-ext.properties,只能从LDAP导入非用户组的用户 请问有什么建议吗 portal-ext.properties ldap.auth.enabled=true ldap.export.enabled=false ldap.import.method=user ldap.user.impl=com.liferay.portal.security.ldap.LDAPUser ldap.server.ids=1 l

我正在尝试将LDAP用户和组导入Liferay 6.1

遵循
portal-ext.properties
,只能从LDAP导入非
用户组的用户

请问有什么建议吗

portal-ext.properties

ldap.auth.enabled=true
ldap.export.enabled=false
ldap.import.method=user
ldap.user.impl=com.liferay.portal.security.ldap.LDAPUser
ldap.server.ids=1

ldap.server.name.1=STAFF
ldap.base.provider.url.1=ldap://X.X.X.X:XXX
ldap.base.dn.1=ou=ABCD,ou=wdf,o=aaa
ldap.security.principal.1=cn=XXXX,ou=users,o=aaa
ldap.security.credentials.1=XXXXX

ldap.auth.search.filter.1=(mail=@email_address@)
ldap.import.user.search.filter.1=(&(objectClass=inetOrgPerson)(!(loginDisabled=true)))
ldap.user.mappings.1=screenName=cn\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\ngroup=groupMembership\njobTitle=title
ldap.user.custom.mappings.1=university=company

ldap.import.group.search.filter.1=(&(objectClass=inetOrgPerson)(!(loginDisabled=true)))
ldap.group.mappings.1=groupName=company\ndescription=description\nuser=groupMembership
错误消息: 出现错误:

   ERROR [liferay/scheduler_dispatch-2][PortalLDAPImporterImpl:698] Unable to import user cn=xxxx: null:null:{cn=cn: xxxx}
java.lang.NullPointerException
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importGroup(PortalLDAPImporterImpl.java:753)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importGroups(PortalLDAPImporterImpl.java:849)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAPByUser(PortalLDAPImporterImpl.java:693)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:198)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:135)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:95)
at com.liferay.portal.security.ldap.PortalLDAPImporterUtil.importFromLDAP(PortalLDAPImporterUtil.java:39)
at com.liferay.portlet.admin.messaging.LDAPImportMessageListener.doReceive(LDAPImportMessageListener.java:28)
at com.liferay.portal.kernel.messaging.BaseMessageListener.receive(BaseMessageListener.java:25)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
at $Proxy285.receive(Unknown Source)
at com.liferay.portal.kernel.scheduler.messaging.SchedulerEventMessageListenerWrapper.receive(SchedulerEventMessageListenerWrapper.java:73)
at com.liferay.portal.kernel.messaging.InvokerMessageListener.receive(InvokerMessageListener.java:63)
at com.liferay.portal.kernel.messaging.ParallelDestination$1.run(ParallelDestination.java:114)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask._runTask(ThreadPoolExecutor.java:671)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask.run(ThreadPoolExecutor.java:582)
at java.lang.Thread.run(Thread.java:619)
用户正在导入,但用户组仍未导入


Advanced thanx

我认为您需要特别注意
门户中的以下属性。属性

#
# Set either user or group for import method. If set to user, the portal
# will import all users and the groups associated with those users. If set
# to group, the portal import all groups and the users associated those
# groups. This value should be set based on how your LDAP server stores
# group membership information.
#
ldap.import.method=user
#ldap.import.method=group // may be you can use this

#
# If set to true, the group filter will be applied, but only to groups in
# the specified base DN. If set to false, the filter will not be applied and
# all groups that are associated with the imported users will be imported
# regardless of the base DN.
#
ldap.import.group.search.filter.enabled=true
此外,我认为您可以通过进入控制面板,然后

  • 控制面板
  • 门户设置
  • 身份验证
    选项卡
  • LDAP
    选项卡
  • 单击“添加”或“编辑”(如果已添加LDAP)
  • 转到
    部分并添加相关映射信息,单击
    测试LDAP组
    (附屏幕截图)

  • 希望这对您有所帮助。

    您可能需要检查以下内容:

    我也有同样的错误,将屏幕名映射从cn更改为uid解决了我的问题。cn可以包含空间,我想这是我的问题

    问候,,
    Balint

    Hi Prakash,谢谢你的回复,我通过点击“测试LDAO组”按钮进行了检查,我可以看到大约10个组,但在导入其非导入用户组时,仅导入用户组谢谢,Krishna你是否尝试使用:
    ldap.import.method=group
    ?是的,我尝试过使用ldap.import.method=group,但是没有用所以cn不应该包含空格?这是一个很老的线程,但是我认为在同步组时应该使用UID而不是cn。如果CN中没有空格,您可能也可以使用CN。#ldap.user.mappings=screenName=CN\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn ldap.user.mappings=screenName=displayName\npassword=userPassword\nemailAddress=mail\nfirstName=sni在上面给出的属性文件中进行了更改。也许我应该尝试使用ui而不是displayName