Hyland Connect

aldo_valenzuela · ‎03-26-2018

Buenos días, necesito de su ayuda, para poder configurar la autenticacíon de usuarios con con ldap.

El Ldap tiene que estar conectado con AD de un windows 2012 server.

estan son las lineas que tengo puestas en /opt/

### Configuración LDAP para Active Directory ###
authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap
ldap.authentication.active=true

ldap.authentication.userNameFormat=uid=%s,dc=oriencoop,dc=cl

ldap.authentication.java.naming.provider.url=ldap://192.168.80.105:636

create.missing.people=false
ldap.synchronization.active=false

nlemus · ‎04-27-2020

Hola amigos

ya sincronizo los usuarios de mi ldap con freeipa-alfresco, pero veo que en el repositorio en userHomes aparecen todos los usuarios del eldap y les crea un directorio (carpeta).

Lo que quiero es que no se cree esta carpeta a menos que habilite al usuario del ldap para que se firme en el alfresco.

Se puede?

mi codigo es el siguiente:

###############################
## Common Alfresco Properties #
###############################

dir.root=/opt/alfresco-community/alf_data

alfresco.context=alfresco
alfresco.host=192.168.203.146
alfresco.port=8080
alfresco.protocol=http

share.context=share
share.host=192.168.203.146
share.port=8080
share.protocol=http

### database connection properties ###
db.driver=org.postgresql.Driver
db.username=alfresco
db.password=123
db.name=alfresco
db.url=jdbcostgresql://localhost:5432/${db.name}
# Note: your database must also be able to accept at least this many connections. Please see your database documentation for instructions on how to configure this.
db.pool.max=275
db.pool.validate.query=SELECT 1

# The server mode. Set value here
# UNKNOWN | TEST | BACKUP | PRODUCTION
system.serverMode=UNKNOWN

### FTP Server Configuration ###
ftp.port=21

### RMI registry port for JMX ###
alfresco.rmi.services.port=50500

### External executable locations ###
ooo.exe=/opt/alfresco-community/libreoffice/program/soffice.bin
ooo.enabled=true
ooo.port=8100
img.root=/opt/alfresco-community/common
img.dyn=${img.root}/lib
img.exe=${img.root}/bin/convert
alfresco-pdf-renderer.root=/opt/alfresco-community/common/alfresco-pdf-renderer
alfresco-pdf-renderer.exe=${alfresco-pdf-renderer.root}/alfresco-pdf-renderer

jodconverter.enabled=false
jodconverter.officeHome=/opt/alfresco-community/libreoffice
jodconverter.portNumbers=8100

### Initial admin password ###
alfresco_user_store.adminpassword=3dbde697d71690a769204beb12283678

### E-mail site invitation setting ###
notification.email.siteinvite=false

### License location ###
dir.license.external=/opt/alfresco-community

### Solr indexing ###
index.subsystem.name=solr4
dir.keystore=${dir.root}/keystore
solr.host=localhost
solr.port.ssl=8443

### Allow extended ResultSet processing
security.anyDenyDenies=false

### Smart Folders Config Properties ###
smart.folders.enabled=false

### Remote JMX (Default: disabled) ###
alfresco.jmx.connector.enabled=false

#LDAP Auth
#authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap-ad
authentication.chain=ldap2:ldap,ldap1:ldap,alfinst:alfrescoNtlm
ldap.authentication.active=true
ldap.authentication.java.naming.provider.url=ldap://cipa.domain.nlc:389
ldap.authentication.userNameFormat=uid=%s,cn=users,cn=accounts,dc=domain,dc=nlc

###LDAP Sync
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=uid=admin,cn=users,cn=accounts,dc=domain,dc=nlc
ldap.synchronization.java.naming.security.credentials=123456789
ldap.synchronization.groupQuery=(objectclass=groupOfUniqueNames)
ldap.synchronization.personQuery=(objectclass=inetOrgPerson)
ldap.synchronization.groupSearchBase=cn=groups,cn=accounts,dc=domain,dc=nlc
ldap.synchronization.userSearchBase=cn=users,cn=accounts,dc=domain,dc=nlc
ldap.synchronization.userIdAttributeName=UserID
ldap.synchronization.userLastNameAttributeName=LastName
ldap.synchronization.userEmailAttributeName=Emailaddress
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupDisplayNameAttributeName=cn
ldap.synchronization.groupType=groupOfUniqueNames
ldap.synchronization.personType=inetOrgPerson
ldap.synchronization.groupMemberAttributeName=uniqueMember
synchronization.syncOnStartup=true
synchronization.import.cron=0 0 0 * * ?

##invitacion al sitio
notification.email.siteinvite=true

# Outbound Email Configuration
mail.host=srvdovecot.domain.nlc
mail.port=25
mail.username=alfrescomail@domain.nlc
mail.password=password
mail.encoding=UTF-8
mail.from.default=alfrescomail@domain.nlc
mail.smtp.auth=true

# Alfresco Email Service and Email Server
# Enable/Disable the inbound email service. The service could be used by processes other than
# the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service.

email.inbound.enabled=true

# Email Server properties
email.server.enabled=true
email.server.port=25
email.server.domain=domain.nlc
email.inbound.unknownUser=anonymous

# A comma separated list of email REGEX patterns of allowed senders.
# If there are any values in the list then all sender email addresses
# must match. For example:
# .*\@alfresco\.com, .*\@alfresco\.org
# Allow anyone:
#-------------
email.server.allowed.senders=.*

#start alfresco service notification
mail.smtps.auth=false
mail.testmessage.send=true
mail.testmessage.to=alfrescomail@domain.nlc
mail.testmessage.subject=Service notificacion Alfresco
mail.testmessage.text=El servicio de alfresco se ha iniciado

Hyland Connect

Configuración de alfresco ldap con AD windows 2012 server.