Archive for 'Alfresco'

Audit trail configuration on Alfresco 3.3

1)Overview
Audit trail configuration for alfresco 3.3 with old audit mechanism

2) Requirements
Server deployed with alfresco ( Installation method :: Jumpbox)

3) Objective

  • Enable Audit trail
  • Enable Logging

4) Configuration done

Step 1
On main property file turn audit on. Add the below two lines on alfresco-global.properties

root@serv:~# vi /opt/alfresco/tomcat/shared/classes/alfresco-global.properties

audit.enabled=true
audit.useNewConfig=false
# to use disable new config

Step 2
Turn all false values in file auditConfig.xml to true
/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/auditConfig.xml

root@serv:~# sed -i “s/false/true/g” — /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/auditConfig.xml

Step 3
You can turn logging level to debug by adding the following directives in the file log4j.properties

root@serv:~# vi /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties

# Audit debugging
log4j.logger.org.alfresco.repo.audit=DEBUG
log4j.logger.org.alfresco.repo.audit.model=DEBUG

Step 4
Stop/Start alfresco
root@home:~# /etc/init.d/alfresco stop
root@home:~# /etc/init.d/alfresco start

Openworkdesk with Alfresco

Overview

Add openworkdesk as a management system to Alfresco

Requirements

Alfresco installed ( Installation method :: Jumpbox)

Placeholders used

(Delivery) :: /usr/src/OWD_3.0.0.0Final_Community_Edition_bin
(Tomcat) :: /opt/alfresco/tomcat
(OpenWorkdesk) :: /opt/alfresco/tomcat/webapps/openworkdesk/

Installation instructions

Step 1
Community edition ( OWD_3.0.0.0Final_Community_Edition_bin.zip ) downloaded from http://sourceforge.net/projects/owd/files/ to /usr/src/

Step 2
unzip package
root@home:~# cd /usr/src
root@home:~# unzip OWD_3.0.0.0Final_Community_Edition_bin.zip

Step 3
change to unzipped (Delivery) folder
root@home:~# cd /usr/src/OWD_3.0.0.0Final_Community_Edition_bin

Step 4
copy webservice-api.jar from (Delivery)/ow/WEB-INF/lib to (Tomcat)/endorsed
root@home:~# cp /usr/src/OWD_3.0.0.0Final_Community_Edition_bin/ow/WEB-INF/lib/webservice-api.jar /opt/alfresco/tomcat/endorsed/

Step 5
create a Deployment dir (OpenWorkdesk) at (Tomcat)/webapps and copy the ow dir contents
root@home:~# mkdir /opt/alfresco/tomcat/webapps/openworkdesk/
root@home:~#cp -rpf /usr/src/OWD_3.0.0.0Final_Community_Edition_bin/ow/* /opt/alfresco/tomcat/webapps/openworkdesk/

Step 6
Configuring the CMIS adapter ( as we are using local alfresco installation, comment the following lines in, /opt/alfresco/tomcat/webapps/openworkdesk/WEB-INF/conf/cmis/owbootstrap.xml )

root@home:~# vi /opt/alfresco/tomcat/webapps/openworkdesk/WEB-INF/conf/cmis/owbootstrap.xml

comment the following lines,

<!—
<!– Alfresco online CMIS WSDL location –>
<WSDLRepository>http://cmis.alfresco.com/cmis/RepositoryService?wsdl</WSDLRepository>
<WSDLNavigation>http://cmis.alfresco.com/cmis/NavigationService?wsdl</WSDLNavigation>
<WSDLObject>http://cmis.alfresco.com/cmis/ObjectService?wsdl</WSDLObject>
<WSDLMultifiling>http://cmis.alfresco.com/cmis/MultiFilingService?wsdl</WSDLMultifiling>
<WSDLDiscovery>http://cmis.alfresco.com/cmis/DiscoveryService?wsdl</WSDLDiscovery>
<WSDLVersioning>http://cmis.alfresco.com/cmis/VersioningService?wsdl</WSDLVersioning>
<WSDLRelationship>http://cmis.alfresco.com/cmis/RelationshipService?wsdl</WSDLRelationship>
<WSDLPolicy>http://cmis.alfresco.com/cmis/PolicyService?wsdl</WSDLPolicy>
<!– <WSDLACL>…currently not supported…</WSDLACL> –>

and Uncomment these line

<!– Alfresco local CMIS WSDL location –>
<WSDLRepository>http://localhost:8080/alfresco/cmis/RepositoryService?wsdl</WSDLRepository>
<WSDLNavigation>http://localhost:8080/alfresco/cmis/NavigationService?wsdl</WSDLNavigation>
<WSDLObject>http://localhost:8080/alfresco/cmis/ObjectService?wsdl</WSDLObject>
<WSDLMultifiling>http://localhost:8080/alfresco/cmis/MultiFilingService?wsdl</WSDLMultifiling>
<WSDLDiscovery>http://loclahost:8080/alfresco/cmis/DiscoveryService?wsdl</WSDLDiscovery>
<WSDLVersioning>http://localhost:8080/alfresco/cmis/VersioningService?wsdl</WSDLVersioning>
<WSDLRelationship>http://localhost:8080/alfresco/cmis/RelationshipService?wsdl</WSDLRelationship>
<WSDLPolicy>http://localhost:8080/alfresco/cmis/PolicyService?wsdl</WSDLPolicy>
<!– <WSDLACL>…currently not supported…</WSDLACL> –>

Step 7
Point to http://your_alfresco_server_ip:8080/openworkdesk/
you can use alfresco login credentials to login


1) Overview

User/Group Synchronization of OpenLdap and Alfresco servers.
Two servers deployed with openldap and alfresco ( Installation method :: Jumpbox)
2) Objective

  • Full Users/Groups Synchronization from OpenLdap to Alfresco with a hourly cron
  • Differential Synchronization of Users/Groups when ever the alfresco server is restarted
  • User Account Synchronization when ever a new user attempts login

3) Configuration overview

User type :: PosixAccount
Group type :: PosixGroup
User base :: ou=example,dc=com ( only users under ou example will be imported )
Group base :: ou=example,dc=com ( only groups under ou example will be imported )
Full Sync Interval :: Hourly
Login id :: cn ( users should login to alfreso/share with the cn )

5) Configuration done on alfresco server

Step 1
Main property file

Add the below line to the end of the file

root@home:~# /opt/alfresco/tomcat/shared/classes/alfresco-global.properties

authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
#Sync Settings
synchronization.synchronizeChangesOnly=false
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.import.cron=0 0 * * * ?

Step 2
root@home:~# mkdir -p /opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1

Step 3

Configuring common-ldap-context.xml, ldap-authentication.properties, ldap-authentication-context.xml

root@home:~# cp -p  /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap/ldap-authentication-context.xml /opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/

root@home:~# cp -p /opt/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/common-ldap-context.xml /opt/Alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/

root@home:~# vi /opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/ldap-authentication.properties

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=cn=%s,ou=example,dc=com
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://ldap_server_ip:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=admin
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn=Admin,dc=com
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(objectclass=posixGroup)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=posixGroup)(!(modifyTimestamp<={0})))
ldap.synchronization.personQuery=(objectclass=posixAccount)
ldap.synchronization.personDifferentialQuery=(&(objectclass=posixAccount)(!(modifyTimestamp<={0})))
ldap.synchronization.groupSearchBase=ou=example,dc=com
ldap.synchronization.userSearchBase=ou=example,dc=Directory
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss’Z’
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=posixGroup
ldap.synchronization.personType=posixAccount
ldap.synchronization.groupMemberAttributeName=memberUid
ldap.synchronization.enableProgressEstimation=true

Please make sure to provide proper LDAP server IP, login and  with the directives

ldap.authentication.java.naming.provider.url=ldap://ldap_server_ip:389
ldap.synchronization.java.naming.security.principal=cn=Admin,dc=com
ldap.synchronization.java.naming.security.credentials=secret
ldap.authentication.defaultAdministratorUserNames=admin

Step 4
Log configuration

Add the following lines to the end of the given file

root@home:~# vi /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties

log4j.logger.org.alfresco.repo.importer.ImporterJob=debug
log4j.logger.org.alfresco.repo.importer.ExportSourceImporter=debug
log4j.logger.org.alfresco.repo.security.authentication.ldap=debug

Step 5

Stop/Start alfresco
root@home:~# /etc/init.d/alfresco stop
root@home:~# /etc/init.d/alfresco start