1

我正在尝试将 LDAP 用户和组导入 Liferay 6.1。

以下portal-ext.properties,只能导入不Usergroups来自 LDAP 的用户

请问有什么建议吗。

portal-ext.properties

ldap.auth.enabled=true
ldap.export.enabled=false
ldap.import.method=user
ldap.user.impl=com.liferay.portal.security.ldap.LDAPUser
ldap.server.ids=1

ldap.server.name.1=STAFF
ldap.base.provider.url.1=ldap://X.X.X.X:XXX
ldap.base.dn.1=ou=ABCD,ou=wdf,o=aaa
ldap.security.principal.1=cn=XXXX,ou=users,o=aaa
ldap.security.credentials.1=XXXXX

ldap.auth.search.filter.1=(mail=@email_address@)
ldap.import.user.search.filter.1=(&(objectClass=inetOrgPerson)(!(loginDisabled=true)))
ldap.user.mappings.1=screenName=cn\npassword=userPassword\nemailAddress=mail\nfirstName=givenName\nlastName=sn\ngroup=groupMembership\njobTitle=title
ldap.user.custom.mappings.1=university=company

ldap.import.group.search.filter.1=(&(objectClass=inetOrgPerson)(!(loginDisabled=true)))
ldap.group.mappings.1=groupName=company\ndescription=description\nuser=groupMembership

错误消息:得到错误:

   ERROR [liferay/scheduler_dispatch-2][PortalLDAPImporterImpl:698] Unable to import user cn=xxxx: null:null:{cn=cn: xxxx}
java.lang.NullPointerException
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importGroup(PortalLDAPImporterImpl.java:753)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importGroups(PortalLDAPImporterImpl.java:849)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAPByUser(PortalLDAPImporterImpl.java:693)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:198)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:135)
at com.liferay.portal.security.ldap.PortalLDAPImporterImpl.importFromLDAP(PortalLDAPImporterImpl.java:95)
at com.liferay.portal.security.ldap.PortalLDAPImporterUtil.importFromLDAP(PortalLDAPImporterUtil.java:39)
at com.liferay.portlet.admin.messaging.LDAPImportMessageListener.doReceive(LDAPImportMessageListener.java:28)
at com.liferay.portal.kernel.messaging.BaseMessageListener.receive(BaseMessageListener.java:25)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.liferay.portal.kernel.bean.ClassLoaderBeanHandler.invoke(ClassLoaderBeanHandler.java:67)
at $Proxy285.receive(Unknown Source)
at com.liferay.portal.kernel.scheduler.messaging.SchedulerEventMessageListenerWrapper.receive(SchedulerEventMessageListenerWrapper.java:73)
at com.liferay.portal.kernel.messaging.InvokerMessageListener.receive(InvokerMessageListener.java:63)
at com.liferay.portal.kernel.messaging.ParallelDestination$1.run(ParallelDestination.java:114)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask._runTask(ThreadPoolExecutor.java:671)
at com.liferay.portal.kernel.concurrent.ThreadPoolExecutor$WorkerTask.run(ThreadPoolExecutor.java:582)
at java.lang.Thread.run(Thread.java:619)

用户正在导入,但用户组仍未导入

提前感谢

4

2 回答 2

2

您可能想检查一下: https ://www.liferay.com/community/forums/-/message_boards/message/15751010

我也有同样的错误,将屏幕名称映射从 cn 更改为 uid 解决了我的问题。cn 可以包含空格,我认为这是我的问题。

问候, 巴林特

于 2012-12-18T16:29:03.090 回答
1

I think you need to pay special attention to the following properties in portal.properties:

#
# Set either user or group for import method. If set to user, the portal
# will import all users and the groups associated with those users. If set
# to group, the portal import all groups and the users associated those
# groups. This value should be set based on how your LDAP server stores
# group membership information.
#
ldap.import.method=user
#ldap.import.method=group // may be you can use this

#
# If set to true, the group filter will be applied, but only to groups in
# the specified base DN. If set to false, the filter will not be applied and
# all groups that are associated with the imported users will be imported
# regardless of the base DN.
#
ldap.import.group.search.filter.enabled=true

Also I think you can test whether groups are being imported or not by going to the Control panel and then ...

  1. Control Panel
  2. Portal Settings
  3. Authentication tab
  4. LDAP tab
  5. Click "Add" or "Edit" (if LDAP already added)
  6. Go to Groups section and add relevant mapping information, click Test LDAP Groups (screen shot attached).

enter image description here

Hope this may help you in some way.

于 2012-08-17T07:35:19.963 回答