Hello, I have configured an alfresco 5.2 community system which I have configured to synchronize with a group in my active directory, the synchronization occurs without problems.
The problem I have is that when removing a user from the group, this user can still login to the alfresco system. How can I avoid such behavior?
Good morning.
if we take a look in the official documentation:
Synchronization deletion Users and groups removed from the LDAP directory or query are only identified when synchronization is triggered by the schedule job in either full mode or differential with removals mode. Users and groups created as a result of a synchronization operation are tagged with an originating zone ID. This records the ID of the authentication subsystem instance that the user or group was queried from. On synchronization with a zone, only those users and groups tagged with that zone are candidates for deletion. This avoids accidental deletion of built-in groups, such as ALFRESCO_ADMINISTRATORS. When a removed user or group is detected, Community Edition will behave in one of two ways, depending on the value of the synchronization.allowDeletions property. When true (the default value), Community Edition simply deletes the user or group from the local repository. When false, the user or group is simply untagged from its zone, thus converting it to a local user or group. A removed user also loses its memberships from any of the LDAP groups they were in, whereas, a removed group is cleared of all their members. As the user or group is retained in the repository, this setting has the advantage that the site memberships for that user or group are remembered, should they later be reactivated.
What have you declared in synchronization.allowDeletion ? Share your config file with us, please.
Cheers,
Cristina.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.