
OpenLDAP Sync with Share

sthurrott
Champ in-the-making
We have been able to install Share and sync it to our OpenLDAP server.  The problem we have run into is that it puts all our users and groups in the Company Home directory.  How do I put users in the User Home directory and keep groups in the Company Home directory? 

Thanks
15 REPLIES

mrogers
Star Contributor
Looks like it was put on HEAD last July.

mricher
Champ in-the-making
Hmmm…  Looks like I'll be investigating my problem (/sigh)… was hoping for a fast fix hehe.

I'm currently experiencing the identical issue on 3.2r2 … but it could be my configuration (either Alfresco or OpenLDAP)…
I'll bump up some logging, etc. and get back to here.  (Tried it really quick with memberUid as the attribute…)

Any chance you have svn revision number of the changes?  (just in case)

Thanks for the quick response,

Cheers

Mike

mricher
Champ in-the-making
Well it was a configuration issue on my end… so I am able to sync now, and authenticate.
I had to use the DifferentialQuery's, etc. in 3.2r2 with the proper filters, and everything works.

I have run into another problem, where an 'updated' Query fails to be used (without wiping the database and data directory).
I tried the cron method of performing a full sync, but still the 'new' accounts don't show up.

Initially (this works well):
user.name.caseSensitive=true
ldap.synchronization.synchronizeChangesOnly=false
ldap.synchronization.import.cron=0 0 * * * ?
ldap.synchronization.PersonQuery=(&(objectClass\=posixAccount)(\|(ou\:\dn\:\=adm)(ou\:dn\:\=grc)(ou\:dc\:\=cem)(ou\:dn\:\=evo)))
ldap.synchronization.PersonDifferentialQuery=(&(objectClass\=posixAccount)(\|(ou\:\dn\:\=adm)(ou\:dn\:\=grc)(ou\:dc\:\=cem)(ou\:dn\:\=evo))(!(modifyTimestamp<\={0})))
ldap.synchronization.GroupQuery=(&(objectClass\=posixGroup)(\|(ou\:\dn\:\=adm)(ou\:dn\:\=grc)(ou\:dc\:\=cem)(ou\:dn\:\=evo)))

Now I wanted to add an additional OU to the list (cca – (ou\:dn\:\=cca)):
ldap.synchronization.PersonQuery=(&(objectClass\=posixAccount)(\|(ou\:\dn\:\=adm)(ou\:dn\:\=grc)(ou\:dn\:\=cca)(ou\:dc\:\=cem)(ou\:dn\:\=evo)))
ldap.synchronization.PersonDifferentialQuery=(&(objectClass\=posixAccount)(\|(ou\:\dn\:\=adm)(ou\:dn\:\=grc)(ou\:dn\:\=cca)(ou\:dc\:\=cem)(ou\:dn\:\=evo))(!(modifyTimestamp<\={0})))
ldap.synchronization.GroupQuery=(&(objectClass\=posixGroup)(\|(ou\:\dn\:\=adm)(ou\:dn\:\=grc)(ou\:dn\:\=cca)(ou\:dc\:\=cem)(ou\:dn\:\=evo)))

Restarting and waiting for the cron sync, both still do not permit access to the cca ou.  If I wipe the database and the data dir, and restart, the system will reinitialize and make the cca container available as well.

Is there a step I'm missing for changing the queries?  (Although I am not expecting changes to the DIT on the LDAP server, I'm just planning ahead…)

Mike

dward
Champ on-the-rise
That's because the system remembers the newest modification date of the objects it queries and only asks for those modified after that date in future syncs.

You could set

synchronization.synchronizeChangesOnly=false

which will cause the scheduled full sync job (which by default runs every midnight) to sync with everything regardless of modification date.
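
A simplified model of the behaviour dward describes above, added here as an example and not part of the thread or Alfresco's own code: it shows why an account in a newly added OU is skipped by a changes-only sync when its modifyTimestamp is older than the newest one already seen. The `Entry` and `SyncModel` names, the sample accounts and the timestamps are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:
    uid: str
    ou: str
    modify_timestamp: str  # LDAP GeneralizedTime in UTC, fixed width

# Constructed sample directory, not data from the thread's server.
DIRECTORY = [
    Entry("alice", "adm", "20100105090000Z"),
    Entry("bob", "grc", "20100210101500Z"),
    Entry("carol", "cca", "20091120080000Z"),  # unchanged since before the first sync
    Entry("dave", "cca", "20100301120000Z"),   # modified after the first sync
]

def person_query(ous):
    """Full query: every account in the listed OUs."""
    return [e for e in DIRECTORY if e.ou in ous]

def person_differential_query(ous, since):
    """Full query plus (!(modifyTimestamp<={0})), with {0} replaced by `since`."""
    # Fixed-width UTC GeneralizedTime strings order correctly as plain strings.
    return [e for e in person_query(ous) if not (e.modify_timestamp <= since)]

class SyncModel:
    """Hypothetical stand-in for the sync job; remembers the newest timestamp seen."""
    def __init__(self):
        self.high_water = None

    def run(self, ous, changes_only):
        if changes_only and self.high_water is not None:
            batch = person_differential_query(ous, self.high_water)
        else:
            batch = person_query(ous)
        for e in batch:
            self.high_water = max(self.high_water or "", e.modify_timestamp)
        return sorted(e.uid for e in batch)

def widen_query_scenario():
    sync = SyncModel()
    first = sync.run({"adm", "grc"}, changes_only=True)           # initial import
    widened = sync.run({"adm", "grc", "cca"}, changes_only=True)  # cca added later
    full = sync.run({"adm", "grc", "cca"}, changes_only=False)    # scheduled full sync
    return first, widened, full

if __name__ == "__main__":
    for label, uids in zip(("first", "widened", "full"), widen_query_scenario()):
        print(label, uids)
```

With the constructed data, the widened changes-only run returns only dave; carol is picked up only when the full sync runs.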

mricher
Champ in-the-making
Typos, typos, typos..

All problems are corrected, and they do work as you say they will.  ldapsearch queries with typos in them are just plain bad…

And even creating your own parameters is bad…. (e.g. ldap.synchronization vs. synchronization, etc.)

In short, I should be taking more time confirming what I'm typing… ;)

Thanks for the help and quick responses though.  Works like a charm!

Mike

njeudy
Champ in-the-making
Can you post your config file for LDAP sync?

I tried lots of solutions, but I'm not able to sync groups in Alfresco:

- Login and user users works
- Group sync works, but the groups stay empty

I'm using OpenLDAP, and the groups are posixGroup with memberUid = uid (user uid)

Thanks,

Nicolas JEUDY