#
# LDAP
#
ldap.authentication.active=false
ldap.authentication.allowGuestLogin=true
ldap.authentication.userNameFormat=%s
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://srv-domain:389
ldap.authentication.java.naming.security.authentication=DIGEST-MD5
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=Administrator
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=DIGEST-MD5
ldap.synchronization.java.naming.security.principal=user.it
ldap.synchronization.java.naming.security.credentials=xpasswd
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.attributeBatchSize=1000
ldap.synchronization.groupQuery=(objectClass\=*)
ldap.synchronization.groupDifferentialQuery=(objectClass\=*)
ldap.synchronization.personQuery=(&(objectClass=top)(&(!(OU=Desligados))(!(CN=ldap sync))))
ldap.synchronization.personDifferentialQuery=(objectClass\=*)
ldap.synchronization.groupSearchBase=OU=Grupos,DC=EMPINT,DC=local
ldap.synchronization.userSearchBase=OU=Usuarios,DC=EMPINT,DC=local
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=company
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=displayName
ldap.synchronization.groupType=group
ldap.synchronization.personType=user
#extra fields sync – daniel.joppi
ldap.synchronization.userJobTitleAttributeName=title
ldap.synchronization.userPhysicalDeliveryOfficeName=physicalDeliveryOfficeName
ldap.synchronization.userStreetAddress1AttributeName=streetAddress
ldap.synchronization.userCityAttributeName=l
ldap.synchronization.userStateAttributeName=st
ldap.synchronization.userPostalCodeAttributeName=postalCode
ldap.synchronization.userTelephoneNumberAttributeName=telephoneNumber
ldap.synchronization.userFaxNumberAttributeName=facsimileTelephoneNumber
ldap.synchronization.groupMemberAttributeName=member
ldap.synchronization.enableProgressEstimation=true
synchronization.synchronizeChangesOnly=true
synchronization.import.cron=0 0 0 * * ?
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.syncOnStartup=true
synchronization.autoCreatePeopleOnLogin=true
synchronization.loggingInterval=100
synchronization.workerThreads=2
<!– Regularly exports user and group information from LDAP –>
<bean id="userRegistry" class="org.alfresco.repo.security.sync.ldap.LDAPUserRegistry">
<property name="active">
<value>${ldap.synchronization.active}</value>
</property>
…
<!–
This property defines a mapping between attributes held on LDAP user objects and
the properties of user objects held in the repository. The key is the QName of an attribute in
the repository, the value is the attribute name from the user/inetOrgPerson/.. object in the
LDAP repository.
–>
<property name="personAttributeMapping">
<map>
<entry key="cm:userName">
<!– Must match the same attribute as userIdAttributeName –>
<value>${ldap.synchronization.userIdAttributeName}</value>
</entry>
<entry key="cm:firstName">
<!– OpenLDAP: "givenName" –>
<!– Active Directory: "givenName" –>
<value>${ldap.synchronization.userFirstNameAttributeName}</value>
</entry>
<entry key="cm:lastName">
<!– OpenLDAP: "sn" –>
<!– Active Directory: "sn" –>
<value>${ldap.synchronization.userLastNameAttributeName}</value>
</entry>
<entry key="cm:email">
<!– OpenLDAP: "mail" –>
<!– Active Directory: "???" –>
<value>${ldap.synchronization.userEmailAttributeName}</value>
</entry>
<entry key="cm:organization">
<!– OpenLDAP: "o" –>
<!– Active Directory: "???" –>
<value>${ldap.synchronization.userOrganizationalIdAttributeName}</value>
</entry>
<!– This deprecated property has been replaced by "cm:organization". We will use the same mapping –>
<entry key="cm:organizationId">
<!– OpenLDAP: "o" –>
<!– Active Directory: "???" –>
<value>${ldap.synchronization.userOrganizationalIdAttributeName}</value>
</entry>
<entry key="cm:jobtitle">
<value>${ldap.synchronization.userJobTitleAttributeName}</value>
</entry>
<entry key="cm:location">
<value>${ldap.synchronization.userPhysicalDeliveryOfficeName}</value>
</entry>
<entry key="cm:companyaddress1">
<value>${ldap.synchronization.userStreetAddress1AttributeName}</value>
</entry>
<entry key="cm:companyaddress2">
<value>${ldap.synchronization.userCityAttributeName}</value>
</entry>
<entry key="cm:companyaddress3">
<value>${ldap.synchronization.userStateAttributeName}</value>
</entry>
<entry key="cm:companypostcode">
<value>${ldap.synchronization.userPostalCodeAttributeName}</value>
</entry>
<entry key="cm:companytelephone">
<value>${ldap.synchronization.userTelephoneNumberAttributeName}</value>
</entry>
<entry key="cm:companyfax">
<value>${ldap.synchronization.userFaxNumberAttributeName}</value>
</entry>
<!– Always use the default –>
<entry key="cm:homeFolderProvider">
<null/>
</entry>
</map>
</property>
…
</bean>
Content from pre 2016 and from language groups that have been closed.
Content is read-only.
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.