AnsweredAssumed Answered

Pulling Additional Attributes from AD LDAP - Ver 3.2r2

Question asked by acook on Apr 11, 2010
Latest reply on Feb 9, 2013 by sasquatch58
Hi all-

So, let me first start off by saying that I am very new to Alfresco and have only been experimenting with it for about the last 2 months.  In saying this, thanks to the wiki articles concerning the Alfresco Subsystems and such, I have been very successful in configuring my Alfresco installation.  However, I currently have a problem/question concerning pulling additional attributes (for example, "location" attribute from Active Directory) into Alfresco, which, as far as I can tell, is not done with the "default" properties file (ldap-ad-authentication.properties).

There is no question - my Alfresco installation is successfully syncing users against Acitve Directory (AD) and authenticating quite nicely against it.  However, when I log into Alfresco as one of my users and browse to "User Profile and Settings" area of Alfresco, I only see that the "First Name", "Last Name", "Email" and "Organization" has been populated, according to the data in AD.  I was wondering, can the remaining fields (for example, "Job Title" and "Location") be also populated from AD during a sync?  My assumption was "yes", so I went searching around and found the following post:

http://forums.alfresco.com/en/viewtopic.php?f=9&t=21588

I thought that it applied to what I was trying to achieve so I followed it.  However, I cannot populate these fields.  Perhaps, I am missing something?

About my settings/configuration as of now:
Here is my authentication chain -
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap-ad

Therefore, I have created the directory structure for the Authentication subsystem based on this.  Accordingly, I have created two files -
..tomcat\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ad\ldap1\ldap-ad-authentication.properties
..tomcat\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ad\ldap1\custom-ldap-context.xml

For ldap-ad-authentication.properties, I have added the following to the end:

#CUSTOM LDAP MAPPINGS
ldap.synchronization.userJobTitleAttributeName=title
ldap.synchronization.userOrganizationAttributeName=department
ldap.synchronization.userLocationAttributeName=physicalDeliveryOfficeName
ldap.synchronization.userMobileAttributeName=mobile
ldap.synchronization.userCompanyPostCodeAttributeName=postalCode
ldap.synchronization.userCompanyFaxAttributeName=facsimileTelephoneNumber
ldap.synchronization.userCompanyTelephoneAttributeName=telephoneNumber
ldap.synchronization.userCompanyEmailAttributeName=mail
ldap.synchronization.userPersonDescriptionAttributeName=info
ldap.synchronization.userTelephoneAttributeName=homePhone
ldap.synchronization.userCompanyAddress1AttributeName=streetAddress
ldap.synchronization.userCompanyAddress2AttributeName=l
ldap.synchronization.userCompanyAddress3AttributeName=st

For custom-ldap-context.xml, I have added the following (under the "userRegistry" Bean id and "attributeMapping" property):
      
<!– CUSTOM ENTRY KEYS –>
<entry key="cm:jobtitle">
     <value>${ldap.synchronization.userJobTitleAttributeName}</value>
</entry>
<entry key="cm:organization">
     <value>${ldap.synchronization.userOrganizationAttributeName}</value>
</entry>
<entry key="cm:location">
     <value>${ldap.synchronization.userLocationAttributeName}</value>
</entry>
<entry key="cm:mobile">
     <value>${ldap.synchronization.userMobileAttributeName}</value>
</entry>
<entry key="cm:companypostcode">
     <value>${ldap.synchronization.userCompanyPostCodeAttributeName}</value>
</entry>
<entry key="cm:companyfax">
     <value>${ldap.synchronization.userCompanyFaxAttributeName}</value>
</entry>
<entry key="cm:companytelephone">
     <value>${ldap.synchronization.userCompanyTelephoneAttributeName}</value>
</entry>
<entry key="cm:companyemail">
     <value>${ldap.synchronization.userCompanyEmailAttributeName}</value>
</entry>
<entry key="cm:persondescription">
     <value>${ldap.synchronization.userPersonDescriptionAttributeName}</value>
</entry>
<entry key="cm:telephone">
     <value>${ldap.synchronization.userTelephoneAttributeName}</value>
</entry>
<entry key="cm:companyaddress1">
     <value>${ldap.synchronization.userCompanyAddress1AttributeName}</value>
</entry>
<entry key="cm:companyaddress2">
     <value>${ldap.synchronization.userCompanyAddress2AttributeName}</value>
</entry>
<entry key="cm:companyaddress3">
     <value>${ldap.synchronization.userCompanyAddress3AttributeName}</value>
</entry>

The rest of "custom-ldap-context.xml" is just a copy of "common-ldap-context.xml".  I do not see any error messages concerning this in "alfresco.log", but then again, I do not think that attribute-level mapping information is logged (from other posts I have come across).  Perhaps, this file is not being read?

I also used this page as a reference:
http://wiki.alfresco.com/wiki/Alfresco_Subsystems#Spring_Beans

Any help would greatly be appreciated.

Thanks for your time in advance.

Outcomes