Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Do not list all Users in 'Company/User Homes'

khabaal
Champ in-the-making
Champ in-the-making

‎08-25-2010 05:28 AM

We have a slight problem with listing Users inside the "User Homes" directory inside Alfresco.
The problem is that we sync users against an LDAP Server which has currently more than 32000 users.

If someone now clicks on the "Company/User Homes" button inside the share webfrontend, alfresco tries to list all 32000 users which causes the "org.alfresco.personTransactionalCache" to run full after 3300 users. So we decided to completely remove access to "User Homes", "Data Dictionary" and "Guest Home" for anyone but the admin user. Since we do not want to share files between users anywhere else than the "Sites" this is not a big deal. Besides that we do not want every user to get to know all the other usernames which could lead to serious security issues.

Some of our users would like to have access to their home directory though and since we have disabled the "User Homes" directory they have no way to access it from WEBDAV, FTP or CIFS ( it currently only lists the "Sites" folder ).

So my questions now would be:
- Is it possible to make the own home folder accessible from WEBDAV, CIFS etc. without listing all the other users.
- Is it possible to list only the own folder and those of the people who granted access to their shared folder inside "Company/User Homes"
Labels:
0 Kudos
5 REPLIES 5

khabaal
Champ in-the-making
Champ in-the-making

‎08-26-2010 04:29 AM

A little update on problems Smiley Happy

I decided to solve all problems with throwing away (well more like revoking permissions) all "Company" folders except the "Sites" folder as i mentioned it in my previous post as i discovered that it is possible to map the users home folder into the Company Folder using org.alfresco.filesys.alfresco.HomeShareMapper
And thats where i want to announce further problems because of a lack of knowledge…

I have created a new xml file inside "/opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/fileservers/default/default/" with the name "custom-file-servers-context.xml" which seems to load when alfreso is starting, but it just does nothing…

Debugging logs also show nothing:
log4j.logger.org.alfresco.smb.protocol=debug
log4j.logger.org.alfresco.fileserver=debug

Since there is nearly no explanation or howto for alfresco 3.3 out there ive tried to create something myself, without success so far…

The "custom-file-servers-context.xml" looks like this atm.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING/DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>

   <bean id="HomeShareMapper" class="org.alfresco.filesys.alfresco.HomeShareMapper">
      <property name="HomeShareName">
         <value>home</value>
      </property>
   </bean>

</beans>


This might also be interesting:
http://dev.alfresco.com/resource/docs/java/repository/org/alfresco/filesys/alfresco/HomeShareMapper....
http://wiki.alfresco.com/wiki/File_Server_Subsystem#Home_Folder_Filesystem
0 Kudos

mrogers
Star Contributor
Star Contributor

‎08-26-2010 09:08 AM

Another approach may be to change the permissions for each user's home folder to not make it readable by other users.  
I've not got the code in front of me, but I know its possible to change the default permissions for the user's home.
0 Kudos

khabaal
Champ in-the-making
Champ in-the-making

‎08-26-2010 09:37 AM

That would also be a nice idea since it would be possible to share the private folder with another user very easily. Since we use LDAP Sync. this solution would require a change inside the synchronization options so that it sets the correct permissions when creating new shared-homefolders.
0 Kudos

khabaal
Champ in-the-making
Champ in-the-making

‎08-27-2010 04:07 AM

Ive tried your approach with changing permissions inside the User-Folders inside "Company/User Homes" with success, it only shows the own personal folder but the problem is, it takes more than 30 seconds with heavy CPU load until it is displayed. I guess its because there are 32000 other peoples folders inside there. It works, but we cannot use it. Im sure people will run mad if they have to wait that long for results when clicking a folder and the result of that would be ringing telephones in our office what we would like to avoid.  :mrgreen:

So i think mapping a single private-homeFolder into the Company Folder would be the better choice.
0 Kudos

leonk
Champ in-the-making
Champ in-the-making

‎11-17-2010 08:53 PM

I have the same problem (running Community ver. 3.4.b).
Even worse.
We've got 150,000 users sync-ed to a local MySQL DB.

Clicking on "Company->User Homes" will run  with heavy CPU and memory utilization and eventually time out.

Is there an option to limit display of those "user homes" to let's say 10 and use "Next page" to display others?

I assume that changing permission like Khabaal did, won't help me with 150K users.
Any option to hide "User Homes"?

Any suggestions/solutions?
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC