Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Custom Home Folders for imported users

brunom
Champ in-the-making
Champ in-the-making

‎12-18-2006 05:47 PM

Hello all,

This is quite a simple question, I know, but I have been unable to find a way to solve this so a little help wouldn't go amiss.

I've been able to configure Alfresco (1.4) to import users from our LDAP server without too much trouble but I am trying to create their Home Folders on a space called "Users" within the "Company Home" instead of the default top level within "Company Home" as it's a bit cluttered.

I've been trying to figure out what I need to put into the personalHomeFolderProvider bean … 

    <bean name="personalHomeFolderProvider" class="org.alfresco.repo.security.person.UIDBasedHomeFolderProvider">
        <property name="serviceRegistry">
                    <ref bean="ServiceRegistry" />
                </property>
        <property name="path">
           <value>/${spaces.company_home.childname}</value>
        </property>
        <property name="storeUrl">
           <value>${spaces.store}</value>
        </property>
        <property name="homeFolderManager">
                        <ref bean="homeFolderManager" />
                </property>
        <property name="inheritsPermissionsOnCreate">
            <value>false</value>
        </property>
        <property name="ownerPemissionsToSetOnCreate">
            <set>
                <value>All</value>
            </set>
        </property>
        <property name="userPemissions">
            <set>
                <value>All</value>
            </set>
        </property>
    </bean>

But I am not an Alfresco expert so I am not 100% sure yet how to reference different PATHS within the configuration files.

Any hints?

Thank you in advance,

/B
Labels:
0 Kudos
9 REPLIES 9

jason_botwick
Champ in-the-making
Champ in-the-making

‎01-03-2007 04:33 PM

Andy, can you be a little more specific here? I'm having the same problem.

I think the original question has to do with how to specify a path. For example, in the wiki (and in the original poster's example), there is this section of code:

        
<property name="path">
  <value>/${spaces.company_home.childname}</value>
</property>

and the user wants to create a root-level folder named Users and have home folders be created within that subfolder. But when I try to change the above code like to this:

        
<property name="path">
  <value>/${spaces.company_home.childname}/Users</value>
</property>

I get import errors like this

org.alfresco.repo.importer.ExportSourceImporterException: Failed to import
    at org.alfresco.repo.importer.ExportSourceImporter.doImport(ExportSourceImporter.java:206)
    at org.alfresco.repo.importer.ImporterJob.execute(ImporterJob.java:36)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:191)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:516)
Caused by: org.alfresco.service.cmr.view.ImporterException: Failed to import package at line 562; column 16 due to error: Non-unique path: found : /app:company_home/Users 0

Is there some documentation or somewhere you can point us that explains how to specify a path to a user-created folder?

Thanks,
Jason
0 Kudos

jason_botwick
Champ in-the-making
Champ in-the-making

‎01-03-2007 05:23 PM

Replying to myself . . .

I dug the answer out of this post:

The code needs to be like this (again, assuming you have a Users space defined at the root level of your repository):

       
<property name="path">
  <value>/${spaces.company_home.childname}/cm:Users</value>
</property>

So is there documentation that explains where the 'cm:' type prefixes are defined?
0 Kudos

pakin
Champ in-the-making
Champ in-the-making

‎01-04-2007 03:57 AM

Thanks for your solution jason.botwick, I had a lot of dubts about this subject until now. I think that the information in the alfresco wiki should be revised and improved because lots of time is not clear.

I'm writting a post for CAS SSO Alfresco 1.4 integration and any contribution would be appreciated. Thank you again.

http://forums.alfresco.com/viewtopic.php?t=4770&highlight=ldap&sid=8a668fe6e5fa4c8d090fdb45692b0c4d

Regards.
0 Kudos

pakin
Champ in-the-making
Champ in-the-making

‎01-04-2007 06:11 AM

Can you explain us the complete process to get users and groups imported from an LDAP, please?

Thanks again.
0 Kudos

brunom
Champ in-the-making
Champ in-the-making

‎01-08-2007 05:07 PM

Thank you Jason, I will try that one out!
0 Kudos

hsantander
Champ in-the-making
Champ in-the-making

‎01-16-2007 04:57 AM

Hello all

I got ldap syncronization working with a configuration similar to pakin's post referenced here.. The user are imported and the custom Home Spaces are created in /Company/Usuarios/ . The problem is that users can't access or create contents on its own home folder, but if I log in with a user not imported from ldap the home folder is created automatically with the correct permissions (the user is created because .createMissingPeople property is set to  ${server.transaction.allow-writes} ). This new user can create contents in its home folder and the imported user can't.

It seems there is a problem with the authorization of users created troght the ldap import  in it's own home folder but I don't know what fails in my configuration.

One of the error I got with the imported users when I log in alfresco is:

Caused by: org.alfresco.repo.security.permissions.AccessDeniedException: Access Denied.  You do not have the appropriate permissions to perform this operation.
        at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:45)

I log in as administrator and check the permissions using the Manage Space Users Option. Both users have permissions "All".

Here is my personalHomeFolderProvider bean definition:

<bean name="personalHomeFolderProvider" class="org.alfresco.repo.security.person.UIDBasedHomeFolderProvider">
        <property name="serviceRegistry">
                <ref bean="ServiceRegistry" />
        </property>
        <property name="path">
                <value>/${spaces.company_home.childname}/cm:Usuarios</value>
        </property>
        <property name="storeUrl">
                <value>${spaces.store}</value>
        </property>
        <property name="homeFolderManager">
                <ref bean="homeFolderManager" />
        </property>
        <property name="inheritsPermissionsOnCreate">
                <value>false</value>
        </property>
        <property name="ownerPemissionsToSetOnCreate">
                <set>
                        <value>All</value>
                </set>
        </property>
        <property name="userPemissions">
                <set>
                        <value>All</value>
                </set>
        </property>
    </bean>

Here is the definition of the spaces as defined in alfresco/bootstrap/spaces.xml

        <cm:folder view:childName="cm:Usuarios">
                <view:acl view:inherit="true">
                <app:uifacets />
                <cm:name>Usuarios</cm:name>
                <app:icon>space-icon-default</app:icon>
                <cm:title>User Home</cm:title>
                <cm:description>Espacio Comun de Usuarios</cm:description>
         </cm:folder>

Note I have to set  
<property name="inheritsPermissionsOnCreate">
                <value>true</value>
        </property>
to a value true for user to access to view (not create contents in it) its own home folder.

The access trought CIFS works correctly so the problem deals with the authorization in web client.

Any help will be apprecciated.
Thanks.
0 Kudos

hsantander
Champ in-the-making
Champ in-the-making

‎01-16-2007 06:42 AM

Hello again

This behaivor act the same for any folder created in alfresco, ignoring any invitation of any role.

I finally discover what originate that weird behavior, at least for my. The uids from my ldap import are all in uppercase and Alfresco make a conversion to lowercase in the authentication proccess. Let's say user HSANTANDER in ldap is imported without problem in Alfresco. When this user try to log in if use HSANTANDER or hsantander logs in without problem, but the authorization mechanism of alfresco only authorized uid HSANTANDER. In the logs appears the uid in lowercase independenlty how you type it.

12:22:58,282 DEBUG [app.servlet.NTLMAuthenticationFilter] User logged on via NTLM, [hsantander,Wks:,Dom:ALFSERVER_A,AuthSrv:ALFSERVER_A,Tue Jan 16 12:22:58 CET 2007]

If I set 
                <property name="userNamesAreCaseSensitive">
                <value>true</value>
the user simply get this error 

12:22:34,742 ERROR [[localhost].[/alfresco].[externalAccess]] Servlet.service() para servlet externalAccess lanzó excepción
org.alfresco.service.cmr.security.NoSuchPersonException: User does not exist and could not be created: sbh000
which It's correct because I set createMissingPeople property to false.

The authentication mechanisme used is NTLM, I don't know it this cares for this problem.

I create a new user in ldap in lowercase and it works perfectly. So the problem or question is how can I set alfresco deal with this situation, usernames imported in uppercase from a ldap sync?

Any help will be apretiated. Thanks
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎03-07-2007 07:07 AM

Hi

NTLM contained a bug by which user names were lowercased.
This if fixed post 1.4.0.

Cheers

Andy
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC