OpenLdap

trkpower
Member II

OpenLdap

Good morning,
Where can I find a tutorial on integrating Alfresco Labs 3 with OpenLDAP? I am trying to do the integration and am having some difficulties.
Thank you.
4 Replies
ivo_costa
Member II

Re: OpenLdap

Good morning,

In fact, I did a small implementation with OpenLDAP during my Alfresco training.
The necessary files already exist in the extension folder of a standard Alfresco installation; you just need to adapt the ".properties" files and remove the ".sample" from the files whose names start with ldap… On the OpenLDAP side I can't help much, since the task I carried out already had a pre-configured OpenLDAP server.

However, if you have any questions on the Alfresco side, describe the difficulty and I will try to help as far as I can.
In fact, the configuration in my case only required entering the user and password for access and entering the server's domain.

Regards…

Ivo Costa
trkpower
Member II

Re: OpenLdap

Hi,
On the OpenLDAP server side, it is already configured and working.
In Alfresco I configured the ldap-authentication.properties file with the data and removed the sample from ldap-authentication-context.xml; however, I cannot authenticate with any user registered on the OpenLDAP server…
ivo_costa
Member II

Re: OpenLdap

Good morning,

I don't know whether this was done, but ldap-synchronisation also has to be configured so that Alfresco can recognise the data.

Is any error shown in the Alfresco log?

If possible, could you add the contents of the two properties files?

Regards…

Ivo Costa
trkpower
Member II

Re: OpenLdap

ldap-authentication.properties
#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#

# How to map the user id entered by the user to that passed through to LDAP
# - simple
#    - this must be a DN and would be something like
#      CN=%s,DC=company,DC=com
# - digest
#    - usually pass through what is entered
#      %s
ldap.authentication.userNameFormat=uid=%s,DC=server,DC=pt

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://192.168.100.1:389

# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=SIMPLE
#ldap.authentication.java.naming.security.authentication=DIGEST-MD5

# The default principal to use (only used for LDAP sync)
ldap.authentication.java.naming.security.principal=CN=admin,DC=server,DC=pt

# The password for the default principal (only used for LDAP sync)
ldap.authentication.java.naming.security.credentials=password

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped , is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain
ldap.authentication.escapeCommasInUid=false


ldap-synchronisation.properties

# This properties file is used to configure LDAP synchronisation
#

# The query to find the people to import
ldap.synchronisation.personQuery=(objectclass=inetOrgPerson)

# The search base of the query to find people to import
ldap.synchronisation.personSearchBase=OU=utilizadores,DC=server,DC=pt

# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronisation.userIdAttributeName=uid

# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronisation.userFirstNameAttributeName=givenName

# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronisation.userLastNameAttributeName=sn

# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronisation.userEmailAttributeName=mail

# The attribute on person objects in LDAP to map to the organizational id  property in Alfresco
ldap.synchronisation.userOrganizationalIdAttributeName=o

# The default home folder provider to use for people created via LDAP import
ldap.synchronisation.defaultHomeFolderProvider=personalHomeFolderProvider

# The query to find group objects
ldap.synchronisation.groupQuery=(objectclass=groupofnames)

# The search base to use to find group objects
ldap.synchronisation.groupSearchBase=OU=grupos,DC=server,DC=pt

# The attribute on LDAP group objects to map to the gid property in Alfresco
ldap.synchronisation.groupIdAttributeName=cn

# The group type in LDAP
ldap.synchronisation.groupType=groupofnames

# The person type in LDAP
ldap.synchronisation.personType=inetOrgPerson

# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronisation.groupMemberAttributeName=member

# The cron expression defining when people imports should take place
ldap.synchronisation.import.person.cron=0 0 * * * ?

# The cron expression defining when group imports should take place
ldap.synchronisation.import.group.cron=0 30 * * * ?

# Should all groups be cleared out at import time?
# - this is safe as groups are not used in Alfresco for other things (unlike person objects which you should never clear out during an import)
# - setting this to true means old group definitions will be tidied up.
ldap.synchronisation.import.group.clearAllChildren=true


LOG
02:47:00,302 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for ricardo.santos
02:47:00,467 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for ricardo.serra
02:47:00,520 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for filipe.andre
02:47:00,612 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for teste
02:48:00,214 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for ricardo.santos
02:48:00,221 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for ricardo.serra
02:48:00,236 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for filipe.andre
02:48:00,269 DEBUG [org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource] Adding user for teste
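
Added example (not part of the thread and not Alfresco code): a small Python lint over the relevant keys of the two posted files. It flags a userNameFormat whose resulting bind DN lies outside personSearchBase, so it cannot be the DN of any entry the sync imports, and a SIMPLE bind over plain ldap://, which sends the password unencrypted. The function names and finding codes are made up for this example.

```python
# Constructed excerpt: the relevant keys from the two files posted above.
AUTH = """
ldap.authentication.userNameFormat=uid=%s,DC=server,DC=pt
ldap.authentication.java.naming.provider.url=ldap://192.168.100.1:389
ldap.authentication.java.naming.security.authentication=SIMPLE
"""
SYNC = """
# The search base of the query to find people to import
ldap.synchronisation.personSearchBase=OU=utilizadores,DC=server,DC=pt
ldap.synchronisation.userIdAttributeName=uid
"""

def parse_props(text):
    """Parse key=value lines, skipping blanks and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def rdns(dn):
    """Split a DN into case-folded (attr, value) pairs (escaped commas not handled)."""
    return [tuple(p.strip().lower() for p in part.partition("=")[::2])
            for part in dn.split(",")]

def is_under(dn, base):
    """True if dn is a strict descendant of base."""
    d, b = rdns(dn), rdns(base)
    return len(d) > len(b) and d[-len(b):] == b

def lint(auth, sync, user="teste"):
    """Return (code, detail) findings for the combined LDAP configuration."""
    findings = []
    fmt = auth["ldap.authentication.userNameFormat"]
    base = sync["ldap.synchronisation.personSearchBase"]
    dn = fmt.replace("%s", user)  # the DN Alfresco would bind with for this user
    if not is_under(dn, base):
        findings.append(("bind-dn-outside-search-base", f"{dn} is not below {base}"))
    if rdns(fmt)[0][0] != sync["ldap.synchronisation.userIdAttributeName"].lower():
        findings.append(("rdn-attribute-mismatch", fmt))
    url = auth["ldap.authentication.java.naming.provider.url"]
    mech = auth["ldap.authentication.java.naming.security.authentication"]
    if url.lower().startswith("ldap://") and mech.upper() == "SIMPLE":
        findings.append(("cleartext-simple-bind", f"{mech} over {url}"))
    return findings

if __name__ == "__main__":
    for code, detail in lint(parse_props(AUTH), parse_props(SYNC)):
        print(code, "-", detail)
```

For the posted values it reports bind-dn-outside-search-base and cleartext-simple-bind; the actual DN of a user entry still has to be confirmed against the directory itself.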