Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OpenLDAP Sync with Share

sthurrott
Champ in-the-making
Champ in-the-making

‎11-12-2008 07:38 PM

We have been able to install Share and sync it to our OpenLDAP server.  The problem we have run into is that it puts all our users and groups in the Company Home directory.  How do I put users in the User Home directory and keep groups in the Company Home directory? 

Thanks
Labels:
0 Kudos
15 REPLIES 15

yyovkov
Champ in-the-making
Champ in-the-making

‎11-13-2008 05:26 AM

Hi sthurrott,

probably you will find helpful this post:
http://forums.alfresco.com/en/viewtopic.php?t=7133&highlight=nonunique+path
0 Kudos

ofrxnz
Champ in-the-making
Champ in-the-making

‎11-13-2008 08:59 AM

in ldap-synchronization-context.xml

change this

<property name="attributeDefaults">
            <map>
                <entry key="cm:homeFolderProvider">
                    <value>${ldap.synchronisation.defaultHomeFolderProvider}</value>
                </entry>
            </map>
        </property>
    </bean>
to this


 <property name="attributeDefaults">
            <map>
                <entry key="cm:homeFolderProvider">
                    <value>${ldap.synchronisation.userHomesHomeFolderProvider}</value>
                </entry>
            </map>
        </property>
    </bean>

0 Kudos

sthurrott
Champ in-the-making
Champ in-the-making

‎11-13-2008 09:59 AM

Thanks, we got it to work.  Now onto the next thing…the groups imported without any users.  I remember reading something about that in another forum.
0 Kudos

ofrxnz
Champ in-the-making
Champ in-the-making

‎11-13-2008 05:37 PM

if the groups import without any users you need to change this in ldap-synchronization.properties

ldap.synchronisation.groupMemberAttributeName=member

change that variable so it is = what ever attribute your group members are under.  i believe they need to be stored as their full DN
0 Kudos

sthurrott
Champ in-the-making
Champ in-the-making

‎11-14-2008 02:37 PM

Thanks, we set the ldap.synchronisation.groupMemberAttributeName=member to what our group members are under but I'm not sure what you mean by them needing to be stored as their full DN.  Could you give an example?

Thanks again…
0 Kudos

ofrxnz
Champ in-the-making
Champ in-the-making

‎11-14-2008 03:12 PM

It should be it by default but
In my ldap server, group members are determined by the attribute 'member' holding a value like 'uid=username,ou=people,dc=company,dc=com'  this is just the absolute path to a user. 

so, since in your case alfresco is already finding groups and importing, the last step is to tell it what the group members are labeled as.
This label is defined under ldap.synchronisation.groupMemberAttributeName
in my case it is 'member'.

when alfresco scans a group and finds the attribute 'member' it looks at its value and adds it to a group.

so in mine, when ever alfresco finds a group, it looks for 'member' and adds it's value to the group.  In my case the users absolute name looks something like 'uid=username,ou=people,dc=company,dc=com' (this will look different for you on both sides of the '=' )

My guess is you got it right, I just found it confusing when i first set it up because i am using Active Directory.  In AD your absolute name (uid=username,ou=people,dc=company,dc=com) is not your 'Windows username'. 

I was just trying to be clear.  Sorry for any confusion.

Are your groups populating?

Adam
0 Kudos

sthurrott
Champ in-the-making
Champ in-the-making

‎11-17-2008 03:28 PM

Not yet, we decided to reinstall Share because we were having several issues so I haven't been able to test out your solution.

Thanks
0 Kudos

markuskopinits
Champ in-the-making
Champ in-the-making

‎07-30-2009 11:04 AM

Hi,

I'm using Alfresco 3.1.1
The LDAP syncronizations is working for users and groups but it's not putting the users inside the groups.

I've tried the ldap.synchronisation.groupMemberAttributeName attribute with "member", "membrUid", "memberOf"
but none off then worked.

Can you help me?

Thanks
0 Kudos

mricher
Champ in-the-making
Champ in-the-making

‎01-04-2010 01:06 PM

Just to clarify the problem.

The LDAP server is storing the 'short name' eg. username in the field 'member' or 'memberUid' or 'memberOf'.

Alfresco on the other hand is expecting the full DN to be stored.  (eg. cn=username,ou=People,dc=example,dc=com ).

It is a pain to have to modify the ldap (and all the other services) to support his.

However, it looks like it was resolved in the Enterprise version of Alfresco (as they added some fallback code to test for the shortname when the full DN fails).
JIRA:   https://issues.alfresco.com/jira/browse/ETHREEOH-2508

Any chance of getting the small changes ported over to the Community edition?
Cheers,

R. Michael Richer
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC