Import 在Liferay 6.1中从LDAP导入用户和用户组
我正在尝试将LDAP用户和组导入Liferay 6.1 遵循Import 在Liferay 6.1中从LDAP导入用户和用户组,import,ldap,liferay,Import,Ldap,Liferay,我正在尝试将LDAP用户和组导入Liferay 6.1 遵循portal-ext.properties,只能从LDAP导入非用户组的用户 请问有什么建议吗 portal-ext.properties ldap.auth.enabled=true ldap.export.enabled=false ldap.import.method=user ldap.user.impl=com.liferay.portal.security.ldap.LDAPUser ldap.server.ids=1 l
portal-ext.properties
,只能从LDAP导入非用户组的用户
请问有什么建议吗
portal-ext.properties
ldap.auth.enabled=true
ldap.export.enabled=false
ldap.import.method=user
ldap.user.impl=com.liferay.portal.security.ldap.LDAPUser
ldap.server.ids=1
ldap.server.name.1=STAFF
ldap.base.provider.url.1=ldap://X.X.X.X:XXX
ldap.base.dn.1=ou=ABCD,ou=wdf,o=aaa
ldap.security.principal.1=cn=XXXX,ou=users,o=aaa
ldap.security.credentials.1=XXXXX
ldap.auth.search.filter.1=(mail=@email_address@)
ldap.import.user.search.filter.1=(&(objectClass=inetOrgPerson)(!(loginDisabled=true)))
ldap.user.mappings.1=screenName=cn\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\ngroup=groupMembership\njobTitle=title
ldap.user.custom.mappings.1=university=company
ldap.import.group.search.filter.1=(&(objectClass=inetOrgPerson)(!(loginDisabled=true)))
ldap.group.mappings.1=groupName=company\ndescription=description\nuser=groupMembership
错误消息:
出现错误:
ERROR [liferay/scheduler_dispatch-2][PortalLDAPImporterImpl:698] Unable to import user cn=xxxx: null:null:{cn=cn: xxxx}
java.lang.NullPointerException
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importGroup(PortalLDAPImporterImpl.java:753)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importGroups(PortalLDAPImporterImpl.java:849)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAPByUser(PortalLDAPImporterImpl.java:693)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:198)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:135)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:95)
at com.liferay.portal.security.ldap.PortalLDAPImporterUtil.importFromLDAP(PortalLDAPImporterUtil.java:39)
at com.liferay.portlet.admin.messaging.LDAPImportMessageListener.doReceive(LDAPImportMessageListener.java:28)
at com.liferay.portal.kernel.messaging.BaseMessageListener.receive(BaseMessageListener.java:25)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
at $Proxy285.receive(Unknown Source)
at com.liferay.portal.kernel.scheduler.messaging.SchedulerEventMessageListenerWrapper.receive(SchedulerEventMessageListenerWrapper.java:73)
at com.liferay.portal.kernel.messaging.InvokerMessageListener.receive(InvokerMessageListener.java:63)
at com.liferay.portal.kernel.messaging.ParallelDestination$1.run(ParallelDestination.java:114)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask._runTask(ThreadPoolExecutor.java:671)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask.run(ThreadPoolExecutor.java:582)
at java.lang.Thread.run(Thread.java:619)
用户正在导入,但用户组仍未导入
Advanced thanx我认为您需要特别注意门户中的以下属性。属性
:
#
# Set either user or group for import method. If set to user, the portal
# will import all users and the groups associated with those users. If set
# to group, the portal import all groups and the users associated those
# groups. This value should be set based on how your LDAP server stores
# group membership information.
#
ldap.import.method=user
#ldap.import.method=group // may be you can use this
#
# If set to true, the group filter will be applied, but only to groups in
# the specified base DN. If set to false, the filter will not be applied and
# all groups that are associated with the imported users will be imported
# regardless of the base DN.
#
ldap.import.group.search.filter.enabled=true
此外,我认为您可以通过进入控制面板,然后
控制面板
门户设置
身份验证
选项卡
LDAP
选项卡
单击“添加”或“编辑”(如果已添加LDAP)
转到组
部分并添加相关映射信息,单击测试LDAP组
(附屏幕截图)
希望这对您有所帮助。您可能需要检查以下内容:
我也有同样的错误,将屏幕名映射从cn更改为uid解决了我的问题。cn可以包含空间,我想这是我的问题
问候,,
BalintHi Prakash,谢谢你的回复,我通过点击“测试LDAO组”按钮进行了检查,我可以看到大约10个组,但在导入其非导入用户组时,仅导入用户组谢谢,Krishna你是否尝试使用:ldap.import.method=group
?是的,我尝试过使用ldap.import.method=group,但是没有用所以cn不应该包含空格?这是一个很老的线程,但是我认为在同步组时应该使用UID而不是cn。如果CN中没有空格,您可能也可以使用CN。#ldap.user.mappings=screenName=CN\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn ldap.user.mappings=screenName=displayName\npassword=userPassword\nemailAddress=mail\nfirstName=sni在上面给出的属性文件中进行了更改。也许我应该尝试使用ui而不是displayName