Hyland Connect

###############################
## Common Alfresco Properties #
###############################

#
# Sample custom content and index data location
#————-
dir.root=C:/alfresco32/alf_data

#
# Sample database connection properties
#————-
db.name=alfresco32
db.username=alfresco
db.password=alfresco
db.host=localhost
db.port=3306

#
# External locations
#————-
ooo.exe=C:/alfresco32/OpenOffice.org/program/soffice
img.root=C:/alfresco32/ImageMagick
swf.exe=C:/alfresco32/bin/pdf2swf

#
# MySQL connection
#————-
db.driver=org.gjt.mm.mysql.Driver
db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}
hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect

#
# Index Recovery Mode
#————-
#index.recovery.mode=Auto

#
# Outbound Email Configuration
#————-
mail.host=www.gmail.com
mail.port=25
mail.username=serveurmailged
mail.password=serviceinformatique
mail.encoding=UTF-8
mail.from.default=alfresco@alfresco.org
mail.smtp.auth=false

#
# Alfresco Email Service and Email Server
#————-

# Enable/Disable the inbound email service.  The service could be used by processes other than
# the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service.
#————-
#email.inbound.enabled=true

# Email Server properties 
#————-
#email.server.enabled=true
#email.server.port=25
#email.server.domain=alfresco.com
#email.inbound.unknownUser=anonymous

# A comma separated list of email REGEX patterns of allowed senders.
# If there are any values in the list then all sender email addresses
# must match.  For example:
#   .*\@alfresco\.com, .*\@alfresco\.org
# Allow anyone:
#————-
#email.server.allowed.senders=.*

#
# The default authentication chain
# To configure external authentication subsystems see:
# http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems
#————-
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad

#
# IMAP
#————-
#imap.server.enabled=true
#imap.server.port=143
#imap.server.host=localhost
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

C:\alfresco32\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad-authentication.properties‍

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad‍

# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsytem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=true

#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=false

# How to map the user id entered by the user to taht passed through to LDAP
# In Active Directory, this can either be the user principal name (UPN) or DN.
# UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a user
ldap.authentication.userNameFormat=%s@domain

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server 
ldap.authentication.java.naming.provider.url=ldap://central-20.mondomaine.fr:389

# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=digest

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is 
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

# Comma separated list of user names who should be considered administrators by default
ldap.authentication.defaultAdministratorUserNames=mon_nouvel_admin

# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for 
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=true

# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.java.naming.security.principal=(cn\=administrateur,cn\=users,dc\=mondomaine,dc\=fr)

# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=mon_mot_de_passe_ldap

# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=1000

# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=group)

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(!(modifyTimestamp<\={0})))

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))

# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=(dc\=mondomaine,dc\=fr)

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=(ou\=utilisateurs,dc\=mondomaine,dc\=fr)

# The name of the operational attribute recording the last update time for a group or user.
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp

# The timestamp format. Unfortunately, this varies between directory servers.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'

# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=sAMAccountName

# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName

# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn

# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail

# The attribute on person objects in LDAP to map to the organizational id  property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=company

# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=personalHomeFolderProvider

# The attribute on LDAP group objects to map to the gid property in Alfrecso
ldap.synchronization.groupIdAttributeName=cn

# The group type in LDAP
ldap.synchronization.groupType=group

# The person type in LDAP
ldap.synchronization.personType=user

# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronization.groupMemberAttributeName=member
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

c'est une variable ldap-ad1 que l'on créer qui va chercher dans le dossier ldap-ad ou alors il faut un dossier ldap-ad dans un dossier ldap-ad1 ou alors on peut avoir également un ldap-ad2 ?, o_O je comprends rien

je ne comprends pas ce que veux dire ldap-ad1:ldap-ad

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad

C:\alfresco32\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad1\ldap-ad-authentication.properties‍

authentication.chain=ldap-ad1:ldap-ad
‍‍

14:12:29,442 ERROR [org.alfresco.web.scripts.AbstractRuntime] Exception from executeScript - redirecting to status template error: 06170003 Guest authentication not supported
org.alfresco.repo.security.authentication.AuthenticationException: 06170003 Guest authentication not supported‍‍

qui m'indique que l'on ne peut plus se connecter avec Guest, OK, mais je ne peut plus me connecter non plus avec Admin, ni avec un compte de l'active directory.

C:\alfresco32\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad1\ldap-ad-authentication.properties‍

authentication.chain=ldap-ad1:ldap-ad‍

authentication.chain=ldap1:ldap-ad,passthru1:passthru‍

# This flag enables use of this LDAP subsystem for authentication. It may be
# that this subsytem should only be used for synchronization, in which case
# this flag should be set to false.
ldap.authentication.active=false

#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#
ldap.authentication.allowGuestLogin=true

# How to map the user id entered by the user to taht passed through to LDAP
# In Active Directory, this can either be the user principal name (UPN) or DN.
# UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a user
ldap.authentication.userNameFormat=%s@DOMAIN_NAME (à remplacer)

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server 
ldap.authentication.java.naming.provider.url=ldap://ip:389 (à remplacer)

# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=simple

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is 
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

# Comma separated list of user names who should be considered administrators by default
ldap.authentication.defaultAdministratorUserNames=Administrator
# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for 
# authentication, in which case this flag should be set to false.
# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.active=true

# The default principal to bind with (only used for LDAP sync). This should be a UPN or DN
ldap.synchronization.java.naming.security.principal=adresse (à remplacer)

# The password for the default principal (only used for LDAP sync)
ldap.synchronization.java.naming.security.credentials=mot de passe (à remplacer)

# If positive, this property indicates that RFC 2696 paged results should be
# used to split query results into batches of the specified size. This
# overcomes any size limits imposed by the LDAP server.
ldap.synchronization.queryBatchSize=1000

# The query to select all objects that represent the groups to import.
ldap.synchronization.groupQuery=(objectclass\=groupe)

# The query to select objects that represent the groups to import that have changed since a certain time.
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=groupe)(!(modifyTimestamp<\={0})))

# The query to select all objects that represent the users to import.
ldap.synchronization.personQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(company=*))

# The query to select objects that represent the users to import that have changed since a certain time.
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(company=*)(!(modifyTimestamp<\={0})))

# The group search base restricts the LDAP group query to a sub section of tree on the LDAP server.
ldap.synchronization.groupSearchBase=DC\=domaine,DC\=sous_domaine (à remplacer)

# The user search base restricts the LDAP user query to a sub section of tree on the LDAP server.
ldap.synchronization.userSearchBase=DC\=domaine,DC\=sous_domaine (à remplacer)

# The name of the operational attribute recording the last update time for a group or user.
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp

# The timestamp format. Unfortunately, this varies between directory servers.
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'

# The attribute name on people objects found in LDAP to use as the uid in Alfresco
ldap.synchronization.userIdAttributeName=sAMAccountName

# The attribute on person objects in LDAP to map to the first name property in Alfresco
ldap.synchronization.userFirstNameAttributeName=givenName

# The attribute on person objects in LDAP to map to the last name property in Alfresco
ldap.synchronization.userLastNameAttributeName=sn

# The attribute on person objects in LDAP to map to the email property in Alfresco
ldap.synchronization.userEmailAttributeName=mail

# The attribute on person objects in LDAP to map to the organizational id  property in Alfresco
ldap.synchronization.userOrganizationalIdAttributeName=company

# The default home folder provider to use for people created via LDAP import
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider

# The attribute on LDAP group objects to map to the gid property in Alfrecso
ldap.synchronization.groupIdAttributeName=cn

# The group type in LDAP
ldap.synchronization.groupType=group

# The person type in LDAP
ldap.synchronization.personType=user

# The attribute in LDAP on group objects that defines the DN for its members
ldap.synchronization.groupMemberAttributeName=member
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

ntlm.authentication.sso.enabled=true
ntlm.authentication.mapUnknownUserToGuest=false

passthru.authentication.useLocalServer=false
passthru.authentication.domain=DOMAINE (à remplacer)
passthru.authentication.servers=DOMAINE\\ADR_IP_AD1,NS\\ADR_IP_AD2 (à remplacer)
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=userAdminId (à remplacer)
#Timeout value when opening a session to an authentication server, in milliseconds
passthru.authentication.connectTimeout=5000
#Offline server check interval in seconds
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=NetBIOS,TCPIP
passthru.authentication.authenticateCIFS=true
passthru.authentication.authenticateFTP=true

‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

# 
# This properties file is used to configure user registry syncronisation (e.g. LDAP)
#

# Should the scheduled sync job only query users and groups changed since the
# last sync? Note that when true, the sync job will not be able to detect which
# users or groups have been removed from the directory (but obviously group
# membership changes would still be reflected). When false, a more regular
# differential sync on login can still be enabled.
synchronization.synchronizeChangesOnly=false

# The cron expression defining when imports should take place
synchronization.import.cron=0 0 0 * * ?

# Should we trigger a differential sync when missing people log in?
synchronization.syncWhenMissingPeopleLogIn=false

# Should we auto create a missing person on log in?
synchronization.autoCreatePeopleOnLogin=false
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍