LDAP Synchronization of User Details

fkeller
Champ in-the-making
Hello,

We have installed and set up Alfresco CE 3.2 on Ubuntu 9.04 using the Canonical partner repository. Authentication against LDAP (MS AD) works fine with three AD servers (chaining).
Now we want to sync the user details from AD (mail address, given name, …) to Alfresco. What would be the best way to do this?

We tried to get ldap sync up and running but it didn't work.

thanks for help
31 REPLIES

mrojas73
Champ in-the-making
Currently you would need to override the Spring configuration to expand the list of mapped attributes.

If you copy

%TOMCAT_HOME%\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\common-ldap-context.xml

to the following path (assuming that authentication.chain=ldap1:ldap-ad)

%TOMCAT_HOME%\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ad\ldap1\custom-ldap-context.xml

then you can edit the attributeMapping property of the userRegistry bean.

Note this Spring override capability requires that you are using a recent v3.3 nightly build (as it wasn't working in the 3.2 community release).

I am running the nightly build and I don't have %TOMCAT_HOME%\shared\classes\alfresco\extension\subsystems\Authentication\ldap-ad\ldap1\custom-ldap-context.xml

I guess I can copy the entire directory but I don't know if that will do anything.

Thanks

fkeller
Champ in-the-making
        <property name="attributeMapping">
            <map>
                <entry key="cm:userName">
                    <!-- Must match the same attribute as userIdAttributeName -->
                    <value>${ldap.synchronization.userIdAttributeName}</value>
                </entry>
                <entry key="cm:firstName">
                    <!-- OpenLDAP: "givenName" -->
                    <!-- Active Directory: "givenName" -->
                    <value>${ldap.synchronization.userFirstNameAttributeName}</value>
                </entry>
                <entry key="cm:lastName">
                    <!-- OpenLDAP: "sn" -->
                    <!-- Active Directory: "sn" -->
                    <value>${ldap.synchronization.userLastNameAttributeName}</value>
                </entry>
                <entry key="cm:email">
                    <!-- OpenLDAP: "mail" -->
                    <!-- Active Directory: "???" -->
                    <value>${ldap.synchronization.userEmailAttributeName}</value>
                </entry>
                <entry key="cm:organizationId">
                    <!-- OpenLDAP: "o" -->
                    <!-- Active Directory: "???" -->
                    <value>${ldap.synchronization.userOrganizationalIdAttributeName}</value>
                </entry>

                <entry key="cm:mobile">
                    <value>${ldap.synchronization.userMobileAttributeName}</value>
                </entry>
                <entry key="cm:telephone">
                    <value>${ldap.synchronization.userTelephoneAttributeName}</value>
                </entry>

                <!-- Always use the default -->
                <entry key="cm:homeFolderProvider">
                    <null/>
                </entry>
            </map>
        </property>

That is what I have in my config, but not all things are working. I am also trying to figure out the right keys. The Mobile and Telephone attributes aren't working for me; the other ones do.
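Added example (not part of the thread and not Alfresco code): for an attributeMapping like the one posted above, one thing worth checking is whether every `${...}` placeholder has a non-empty value in the properties the subsystem loads. The sketch below runs that check over a constructed, cut-down mapping and a constructed properties snippet; the property values (`sAMAccountName`, `mail`) are assumptions, and it assumes the XML uses no namespace.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a cut-down attributeMapping in the shape posted above.
SAMPLE_XML = """<property name="attributeMapping"><map>
  <entry key="cm:userName"><value>${ldap.synchronization.userIdAttributeName}</value></entry>
  <entry key="cm:email"><value>${ldap.synchronization.userEmailAttributeName}</value></entry>
  <entry key="cm:mobile"><value>${ldap.synchronization.userMobileAttributeName}</value></entry>
  <entry key="cm:homeFolderProvider"><null/></entry>
</map></property>"""

# Constructed sample properties; the values are assumptions, not from the thread.
SAMPLE_PROPS = """# LDAP sync attribute names
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userEmailAttributeName = mail
"""

PLACEHOLDER = re.compile(r"\$\{([^}]+)\}")

def parse_properties(text):
    """Parse simple key=value / key:value lines, skipping comments and blanks."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2)
    return props

def check_mapping(xml_text, props):
    """Return {alfresco_key: status} for each <entry> of the mapping."""
    report = {}
    for entry in ET.fromstring(xml_text.strip()).iter("entry"):
        key = entry.get("key")
        value = entry.find("value")
        if value is None:  # e.g. <null/>: no LDAP attribute is mapped
            report[key] = "default (null)"
            continue
        missing = [name for name in PLACEHOLDER.findall(value.text or "")
                   if not props.get(name, "").strip()]
        report[key] = "unresolved: " + ", ".join(missing) if missing else "ok"
    return report

if __name__ == "__main__":
    for key, status in check_mapping(SAMPLE_XML, parse_properties(SAMPLE_PROPS)).items():
        print(f"{key:24} {status}")
```

Run against a real override file and the properties that accompany it, any entry reported as unresolved points at a placeholder that still needs a value.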