Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP attribute mapping for sync purpose

jsabah
Champ on-the-rise
Champ on-the-rise

‎09-07-2009 10:37 PM

Hi all,

As I was struggling to find some information on how to map LDAP attributes in Alfresco Authentication files, here is what I found. Hope it helps others.

First you need to add the entries you want to map in \Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\common-ldap-context.xml
<property name="attributeMapping">
            <map>
                <entry key="cm:userName">
                    <!– Must match the same attribute as userIdAttributeName –>
                    <value>${ldap.synchronization.userIdAttributeName}</value>
                </entry>
                <entry key="cm:firstName">
                    <!– OpenLDAP: "givenName" –>
                    <!– Active Directory: "givenName" –>
                    <value>${ldap.synchronization.userFirstNameAttributeName}</value>
                </entry>
                <entry key="cm:lastName">
                    <!– OpenLDAP: "sn" –>
                    <!– Active Directory: "sn" –>
                    <value>${ldap.synchronization.userLastNameAttributeName}</value>
                </entry>
                <entry key="cm:email">
                    <!– OpenLDAP: "mail" –>
                    <!– Active Directory: "???" –>
                    <value>${ldap.synchronization.userEmailAttributeName}</value>
                </entry>
                <entry key="cm:organizationId">
                    <!– OpenLDAP: "o" –>
                    <!– Active Directory: "???" –>
                    <value>${ldap.synchronization.userOrganizationalIdAttributeName}</value>
                </entry>
                <entry key="cm:jobtitle">
          <value>${ldap.synchronization.userJobTitleAttributeName}</value>
      </entry>
      <entry key="cm:organization">
          <value>${ldap.synchronization.userOrganizationAttributeName}</value>
      </entry>
      <entry key="cm:companyaddress1">
          <value>${ldap.synchronization.usercompanyaddress1AttributeName}</value>
      </entry>
      <entry key="cm:location">
          <value>${ldap.synchronization.userLocationAttributeName}</value>
      </entry>
                <!– Always use the default –>
                <entry key="cm:homeFolderProvider">
                    <null/>
                </entry>
            </map>
</property>

OK, but how do you get the right entry key ID ? Well they are all listed in the table qf_name in your alfresco DB, here is the non-exhaustive list :
id   local_name
1   store_root
2   aspect_root
3   container
4   children
5   user
6   enabled
7   credentialsExpire
8   accountExpires
9   accountLocked
10   password
11   username
12   descriptor
13   versionSchema
14   versionMajor
15   versionLabel
16   versionRevision
17   versionMinor
18   versionBuild
19   name
20   versionEdition
21   versionProperties
22   All
23   versionStoreRoot
24   versionStoreRoot
25   folder
26   auditable
27   icon
28   name
29   description
30   title
31   uifacets
32   titled
33   cmobject
34   contains
35   content
36   author
37   editInline
38   inlineeditable
39   base
40   person
41   userName
42   owner
43   email
44   organizationId
45   lastName
46   homeFolderProvider
47   firstName
48   ownable
49   homeFolder
50   category_root
51   category
52   categories
53   subcategories
54   mlRoot
55   source
56   copiedfrom
57   templatable
58   template
59   rules
60   systemfolder
61   ruleFolder
62   rule
63   disabled
64   ruleType
65   applyToChildren
66   executeAsynchronously
67   compositeaction
68   executeAsynchronously
69   definitionName
70   actionTitle
71   actionDescription
72   action
73   actioncondition
74   invert
75   conditions
76   actionparameter
77   parameterName
78   parameterValue
79   parameters
80   action
81   actions
82   sites
83   authorityContainer
84   authorityName
85   zone
86   inZone
87   member
88   alias
89   aliasable
90   emailed
91   incomplete
92   creator
93   created
94   .sitestore
95   installedVersion
96   currentVersion
97   sizeCurrent
98   configurable
99   configurations
100   presenceProvider
101   location
102   presenceUsername
103   organization
104   jobtitle
105   sizeQuota
106   mobile
107   companypostcode
108   companyfax
109   companyaddress3
110   companytelephone
111   skype
112   companyaddress2
113   telephone
114   instantmsg
115   persondescription
116   companyemail
117   companyaddress1

So for example, if you want to add the company telephone, you would add the following entry in common-ldap-context.xml:
<entry key="cm:companytelephone">
    <value>${ldap.synchronization.userCompanyTelephoneAttributeName}</value>
</entry>
You can set the name of the value to whatever you want, just make sure it makes sense for you when you read your file later on Smiley Wink

Then you have to add these newly created entries in your \Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad\ldap-ad-authentication.properties
# Additional attributes mapping by you_name
ldap.synchronization.userLocationAttributeName=physicalDeliveryOfficeName
ldap.synchronization.usercompanyaddress1AttributeName=streetAddress

ldap.synchronization.userCompanyTelephoneAttributeName=telephoneNumber

If you don't know the name of the LDAP objects (like street address or telephone number), you can use an LDAP Browser like Softerra.

Hope my explanations were clear enough.

Jonathan
Labels:
7 REPLIES 7

dward
Champ on-the-rise
Champ on-the-rise

‎09-08-2009 06:41 AM

You should never edit the product configuration in WEB-INF, as you will lose all your customizations when you next upgrade.

The correct way to override the Spring configuration of a subsystem is documented here.

http://wiki.alfresco.com/wiki/Alfresco_Subsystems#Spring_Beans
0 Kudos

dward
Champ on-the-rise
Champ on-the-rise

‎09-08-2009 06:42 AM

See also

http://forums.alfresco.com/en/viewtopic.php?f=9&t=21262&p=70132
0 Kudos

bnordgren
Champ in-the-making
Champ in-the-making

‎12-31-2009 06:06 PM

I had some trouble locating the `qf_name` table in version 3.2r2.  However, if I understand the database schema (which is not guaranteed) I believe this SQL query will show the list of attributes present in the content model:

SELECT `alf_qname`.id, local_name
FROM `alf_namespace` , `alf_qname`
WHERE ns_id = `alf_namespace`.id
AND uri = 'http://www.alfresco.org/model/content/1.0'

Also, if I'm not mistaken, since we're making <cmSmiley Tongueerson/> objects out of this, the only attributes which matter must be present as properties in the definition of <cmSmiley Tongueerson/> (contained in ./WEB-INF/classes/alfresco/model/contentModel.xml).  Presumably this xml file must be synced with the hardcoded definition of a person in ContentModel.java.  It seems a bit of a maintenance headache to have the same thing defined in three different places, but maybe there is one authoritative source and the rest are autogenerated…

    // person
    static final QName TYPE_PERSON = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "person");
    static final QName PROP_USERNAME = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "userName");
    static final QName PROP_HOMEFOLDER = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "homeFolder");
    static final QName PROP_FIRSTNAME = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "firstName");
    static final QName PROP_LASTNAME = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "lastName");
    static final QName PROP_EMAIL = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "email");
    static final QName PROP_ORGID = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "organizationId");
    static final QName PROP_HOME_FOLDER_PROVIDER = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "homeFolderProvider");
    static final QName PROP_DEFAULT_HOME_FOLDER_PATH = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "defaultHomeFolderPath");
    static final QName PROP_PRESENCEPROVIDER = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "presenceProvider");
    static final QName PROP_PRESENCEUSERNAME = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "presenceUsername");
    static final QName PROP_ORGANIZATION = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "organization");
    static final QName PROP_JOBTITLE = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "jobtitle");
    static final QName PROP_LOCATION = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "location");
    static final QName PROP_PERSONDESC = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "persondescription");
    static final QName PROP_TELEPHONE = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "telephone");
    static final QName PROP_MOBILE = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "mobile");
    static final QName PROP_COMPANYADDRESS1 = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companyaddress1");
    static final QName PROP_COMPANYADDRESS2 = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companyaddress2");
    static final QName PROP_COMPANYADDRESS3 = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companyaddress3");
    static final QName PROP_COMPANYPOSTCODE = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companypostcode");
    static final QName PROP_COMPANYTELEPHONE = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companytelephone");
    static final QName PROP_COMPANYFAX = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companyfax");
    static final QName PROP_COMPANYEMAIL = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "companyemail");
    static final QName PROP_SKYPE = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "skype");
    static final QName PROP_INSTANTMSG = QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, "instantmsg");

Note that the prefix for "NamespaceService.CONTENT_MODEL_1_0_URI" is hardcoded to "cm" by "PersonServiceImpl.java".
0 Kudos

loftux
Star Contributor
Star Contributor

‎01-01-2010 08:19 AM

bnordgren,

You should not need to look in the db
tomcat/webapps/alfresco/WEB-INF/classes/alfresco/model/contentModel.xml
and do a search for cmSmiley Tongueerson, as you did should be enough.
Read http://wiki.alfresco.com/wiki/Data_Dictionary_Guide and you can start exploring the power and extensibility of Alfrescos data model.

The definition in ContentModel.java is for built in data models and to ease the java coding (as avoid making typos for qname), but the data model works independently of this file.

bnordgren
Champ in-the-making
Champ in-the-making

‎01-05-2010 02:31 PM

Thanks for the pointer.  I'm starting to fiddle with it again.  I did notice, though, that the XML metadata says the content model is at version 1.1, not 1.0.  The content model seems to be out of sync with its own uri… Smiley Happy But to fix it, they're going to need to do a global find and replace, searching for every single occurrence of CONTENT_MODEL_1_0_URI. Smiley Happy Convenience is in the eye of the beholder, I guess. Smiley Wink
0 Kudos

ifhayz
Champ in-the-making
Champ in-the-making

‎11-04-2011 04:02 AM

I've synchronized job title with Windows Active Directory, but job title field can't be edited and the value is null.. I checked to my active directory, job title field is not null…

Could someone give me the solution..?


Regards
0 Kudos

techguy817
Champ in-the-making
Champ in-the-making

‎12-07-2011 09:46 PM

Can anyone help shed more light on how to get the Active Directory email attribute to map through? I'm trying to use the LDAP Browser to check for properties but I can't figure it out.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC