07-08-2009 03:15 AM
07-09-2009 10:44 AM
07-09-2009 10:51 AM
###############################
## Common Alfresco Properties #
###############################
#
# Sample custom content and index data location
#————-
dir.root=C:/alfresco32/alf_data
#
# Sample database connection properties
#————-
db.name=alfresco32
db.username=alfresco
db.password=alfresco
db.host=localhost
db.port=3306
#
# External locations
#————-
ooo.exe=C:/alfresco32/OpenOffice.org/program/soffice
img.root=C:/alfresco32/ImageMagick
swf.exe=C:/alfresco32/bin/pdf2swf
#
# MySQL connection
#————-
db.driver=org.gjt.mm.mysql.Driver
db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}
hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect
#
# Index Recovery Mode
#————-
#index.recovery.mode=Auto
#
# Outbound Email Configuration
#————-
mail.host=www.gmail.com
mail.port=25
mail.username=serveurmailged
mail.password=serviceinformatique
mail.encoding=UTF-8
mail.from.default=alfresco@alfresco.org
mail.smtp.auth=false
#
# Alfresco Email Service and Email Server
#————-
# Enable/Disable the inbound email service. The service could be used by processes other than
# the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service.
#————-
#email.inbound.enabled=true
# Email Server properties
#————-
#email.server.enabled=true
#email.server.port=25
#email.server.domain=alfresco.com
#email.inbound.unknownUser=anonymous
# A comma separated list of email REGEX patterns of allowed senders.
# If there are any values in the list then all sender email addresses
# must match. For example:
# .*\@alfresco\.com, .*\@alfresco\.org
# Allow anyone:
#————-
#email.server.allowed.senders=.*
#
# The default authentication chain
# To configure external authentication subsystems see:
# http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems
#————-
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad
#
# IMAP
#————-
#imap.server.enabled=true
#imap.server.port=143
#imap.server.host=localhost
07-13-2009 08:05 AM
07-13-2009 09:34 AM
07-13-2009 11:08 AM
07-17-2009 03:57 AM
C:\alfresco32\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad-authentication.properties
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad
# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsytem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=true
#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=false
# How to map the user id entered by the user to taht passed through to LDAP
# In Active Directory, this can either be the user principal name (UPN) or DN.
# UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a user
ldap.authentication.userNameFormat=%s@domain
# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://central-20.mondomaine.fr:389
# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=digest
# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false
# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false
# Comma separated list of user names who should be considered administrators by default
ldap.authentication.defaultAdministratorUserNames=mon_nouvel_admin
# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=true
# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.java.naming.security.principal=(cn\=administrateur,cn\=users,dc\=mondomaine,dc\=fr)
# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=mon_mot_de_passe_ldap
# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=1000
# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=group)
# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))
# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))
# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=(dc\=mondomaine,dc\=fr)
# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=(ou\=utilisateurs,dc\=mondomaine,dc\=fr)
# The name of the operational attribute recording the last update time for a group or user.
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
# The timestamp format. Unfortunately, this varies between directory servers.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=sAMAccountName
# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName
# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn
# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail
# The attribute on person objects in LDAP to map to the organizational id property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=company
# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=personalHomeFolderProvider
# The attribute on LDAP group objects to map to the gid property in Alfrecso
ldap.synchronization.groupIdAttributeName=cn
# The group type in LDAP
ldap.synchronization.groupType=group
# The person type in LDAP
ldap.synchronization.personType=user
# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronization.groupMemberAttributeName=member
07-17-2009 06:56 AM
je ne comprends pas ce que veux dire ldap-ad1:ldap-adEn fait, "ldap-ad1" est le nom de ta config perso (tu peux mettre ce que tu veux), et "ldap-ad" est le type d'authentification associé. Le principe est que l'on puisse configurer plusieurs subsystems de type "ldap-ad", par exemple "ldap-ad1", "ldap-ad2", etc… en plaçant les fichiers de conf dans des sous-dossiers "ldap-ad1", "ldap-ad2", etc… eux-mêmes placés dans le dossier "ldap-ad". Sauf que le bug qui a été signalé semble montrer que, quel que soit le subsystem déclaré, c'est toujours le fichier de conf par défaut qui est pris.
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-adRéessaie en mettant authentication.chain=ldap-ad1:ldap-ad
07-17-2009 08:17 AM
C:\alfresco32\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad1\ldap-ad-authentication.properties
authentication.chain=ldap-ad1:ldap-ad
14:12:29,442 ERROR [org.alfresco.web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 06170003 Guest authentication not supported
org.alfresco.repo.security.authentication.AuthenticationException: 06170003 Guest authentication not supported
08-06-2009 12:11 PM
C:\alfresco32\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad1\ldap-ad-authentication.properties
authentication.chain=ldap-ad1:ldap-ad
08-06-2009 12:40 PM
authentication.chain=ldap1:ldap-ad,passthru1:passthru
# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsytem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=false
#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=true
# How to map the user id entered by the user to taht passed through to LDAP
# In Active Directory, this can either be the user principal name (UPN) or DN.
# UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a user
ldap.authentication.userNameFormat=%s@DOMAIN_NAME (à remplacer)
# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://ip:389 (à remplacer)
# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=simple
# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false
# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false
# Comma separated list of user names who should be considered administrators by default
ldap.authentication.defaultAdministratorUserNames=Administrator
# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for
# authentication, in which case this flag should be set to false.
# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.active=true
# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.java.naming.security.principal=adresse (à remplacer)
# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=mot de passe (à remplacer)
# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=1000
# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=groupe)
# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupe)(!(modifyTimestamp<\={0})))
# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(company=*))
# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(company=*)(!(modifyTimestamp<\={0})))
# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=DC\=domaine,DC\=sous_domaine (à remplacer)
# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=DC\=domaine,DC\=sous_domaine (à remplacer)
# The name of the operational attribute recording the last update time for a group or user.
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
# The timestamp format. Unfortunately, this varies between directory servers.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=sAMAccountName
# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName
# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn
# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail
# The attribute on person objects in LDAP to map to the organizational id property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=company
# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
# The attribute on LDAP group objects to map to the gid property in Alfrecso
ldap.synchronization.groupIdAttributeName=cn
# The group type in LDAP
ldap.synchronization.groupType=group
# The person type in LDAP
ldap.synchronization.personType=user
# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronization.groupMemberAttributeName=member
ntlm.authentication.sso.enabled=true
ntlm.authentication.mapUnknownUserToGuest=false
passthru.authentication.useLocalServer=false
passthru.authentication.domain=DOMAINE (à remplacer)
passthru.authentication.servers=DOMAINE\\ADR_IP_AD1,NS\\ADR_IP_AD2 (à remplacer)
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=userAdminId (à remplacer)
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true
#
# This properties file is used to configure user registry syncronisation (e.g. LDAP)
#
# Should the scheduled sync job only query users and groups changed since the
# last sync? Note that when true, the sync job will not be able to detect which
# users or groups have been removed from the directory (but obviously group
# membership changes would still be reflected). When false, a more regular
# differential sync on login can still be enabled.
synchronization.synchronizeChangesOnly=false
# The cron expression defining when imports should take place
synchronization.import.cron=0 0 0 * * ?
# Should we trigger a differential sync when missing people log in?
synchronization.syncWhenMissingPeopleLogIn=false
# Should we auto create a missing person on log in?
synchronization.autoCreatePeopleOnLogin=false
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.