As encryption of alfresco-global.properties is a feature of Alfresco Enterprise (5.2.3 is an Enterprise version after all) you should contact Alfresco Support with that inquiry. From my past experiences and the code handling subsystems such as LDAP in Alfresco, I seriously doubt that such a use case is supported at all. It may be possible to create a workaround though using Spring property placeholders so that you can reference the password config setting in the unencrypted LDAP configuration properties while its value is actually stored in the encrypted global properties file.
E.g. in ../webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap/additional.properties file you could define the following (empty) default properties:
ldap.synchronization.server1.password=
ldap.synchronization.server2.password=
Then, in the encrypted global properties file you can actually set values for thsee properties.
Finally, in the LDAP subsystem instances (e.g. ../shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/custom-additional.properties) you can then set
ldap.synchronization.java.naming.security.credentials=${ldap.synchronization.server1.password}
Explanation:
- I am not using Enterprise a lot these days and have certainly not tried this myself - so no guarantees
- Defining the empty, dummy properties in the first file is required because Alfresco does not automatically propagate every setting from global properties to subsystems - only those that match the keys defined in those subsystem configuration templates
- using ${} effectively means "resolve the value of another configuration property at runtime", so using this to reference the password configuration property from the encrypted global properties avoids having to put the raw password in the unencrypted subsystem config file
