0
1)Overview
Audit trail configuration for alfresco 3.3 with old audit mechanism
2) Requirements
Server deployed with alfresco ( Installation method :: Jumpbox)
3) Objective
- Enable Audit trail
- Enable Logging
4) Configuration done
Step 1
On main property file turn audit on. Add the below two lines on alfresco-global.properties
root@serv:~# vi /opt/alfresco/tomcat/shared/classes/alfresco-global.properties
audit.enabled=true
audit.useNewConfig=false # to use disable new config
Step 2
Turn all false values in file auditConfig.xml to true
/opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/auditConfig.xml
root@serv:~# sed -i “s/false/true/g” — /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/auditConfig.xml
Step 3
You can turn logging level to debug by adding the following directives in the file log4j.properties
root@serv:~# vi /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties
# Audit debugging
log4j.logger.org.alfresco.repo.audit=DEBUG
log4j.logger.org.alfresco.repo.audit.model=DEBUG
Step 4
Stop/Start alfresco
root@home:~# /etc/init.d/alfresco stop
root@home:~# /etc/init.d/alfresco start
Overview
Add openworkdesk as a management system to Alfresco
Requirements
Alfresco installed ( Installation method :: Jumpbox)
Placeholders used
(Delivery) :: /usr/src/OWD_3.0.0.0Final_Community_Edition_bin
(Tomcat) :: /opt/alfresco/tomcat
(OpenWorkdesk) :: /opt/alfresco/tomcat/webapps/openworkdesk/
Installation instructions
Step 1
Community edition ( OWD_3.0.0.0Final_Community_Edition_bin.zip ) downloaded from http://sourceforge.net/projects/owd/files/ to /usr/src/
Step 2
unzip package
root@home:~# cd /usr/src
root@home:~# unzip OWD_3.0.0.0Final_Community_Edition_bin.zip
Step 3
change to unzipped (Delivery) folder
root@home:~# cd /usr/src/OWD_3.0.0.0Final_Community_Edition_bin
Step 4
copy webservice-api.jar from (Delivery)/ow/WEB-INF/lib to (Tomcat)/endorsed
root@home:~# cp /usr/src/OWD_3.0.0.0Final_Community_Edition_bin/ow/WEB-INF/lib/webservice-api.jar /opt/alfresco/tomcat/endorsed/
Step 5
create a Deployment dir (OpenWorkdesk) at (Tomcat)/webapps and copy the ow dir contents
root@home:~# mkdir /opt/alfresco/tomcat/webapps/openworkdesk/
root@home:~#cp -rpf /usr/src/OWD_3.0.0.0Final_Community_Edition_bin/ow/* /opt/alfresco/tomcat/webapps/openworkdesk/
Step 6
Configuring the CMIS adapter ( as we are using local alfresco installation, comment the following lines in, /opt/alfresco/tomcat/webapps/openworkdesk/WEB-INF/conf/cmis/owbootstrap.xml )
root@home:~# vi /opt/alfresco/tomcat/webapps/openworkdesk/WEB-INF/conf/cmis/owbootstrap.xml
comment the following lines,
<!—
<!– Alfresco online CMIS WSDL location –>
<WSDLRepository>http://cmis.alfresco.com/cmis/RepositoryService?wsdl</WSDLRepository>
<WSDLNavigation>http://cmis.alfresco.com/cmis/NavigationService?wsdl</WSDLNavigation>
<WSDLObject>http://cmis.alfresco.com/cmis/ObjectService?wsdl</WSDLObject>
<WSDLMultifiling>http://cmis.alfresco.com/cmis/MultiFilingService?wsdl</WSDLMultifiling>
<WSDLDiscovery>http://cmis.alfresco.com/cmis/DiscoveryService?wsdl</WSDLDiscovery>
<WSDLVersioning>http://cmis.alfresco.com/cmis/VersioningService?wsdl</WSDLVersioning>
<WSDLRelationship>http://cmis.alfresco.com/cmis/RelationshipService?wsdl</WSDLRelationship>
<WSDLPolicy>http://cmis.alfresco.com/cmis/PolicyService?wsdl</WSDLPolicy>
<!– <WSDLACL>…currently not supported…</WSDLACL> –>
and Uncomment these line
<!– Alfresco local CMIS WSDL location –>
<WSDLRepository>http://localhost:8080/alfresco/cmis/RepositoryService?wsdl</WSDLRepository>
<WSDLNavigation>http://localhost:8080/alfresco/cmis/NavigationService?wsdl</WSDLNavigation>
<WSDLObject>http://localhost:8080/alfresco/cmis/ObjectService?wsdl</WSDLObject>
<WSDLMultifiling>http://localhost:8080/alfresco/cmis/MultiFilingService?wsdl</WSDLMultifiling>
<WSDLDiscovery>http://loclahost:8080/alfresco/cmis/DiscoveryService?wsdl</WSDLDiscovery>
<WSDLVersioning>http://localhost:8080/alfresco/cmis/VersioningService?wsdl</WSDLVersioning>
<WSDLRelationship>http://localhost:8080/alfresco/cmis/RelationshipService?wsdl</WSDLRelationship>
<WSDLPolicy>http://localhost:8080/alfresco/cmis/PolicyService?wsdl</WSDLPolicy>
<!– <WSDLACL>…currently not supported…</WSDLACL> –>
Step 7
Point to http://your_alfresco_server_ip:8080/openworkdesk/
you can use alfresco login credentials to login
1) Overview
User/Group Synchronization of OpenLdap and Alfresco servers.
Two servers deployed with openldap and alfresco ( Installation method :: Jumpbox)
2) Objective
- Full Users/Groups Synchronization from OpenLdap to Alfresco with a hourly cron
- Differential Synchronization of Users/Groups when ever the alfresco server is restarted
- User Account Synchronization when ever a new user attempts login
3) Configuration overview
User type :: PosixAccount
Group type :: PosixGroup
User base :: ou=example,dc=com ( only users under ou example will be imported )
Group base :: ou=example,dc=com ( only groups under ou example will be imported )
Full Sync Interval :: Hourly
Login id :: cn ( users should login to alfreso/share with the cn )
5) Configuration done on alfresco server
Step 1
Main property file
Add the below line to the end of the file
root@home:~# /opt/alfresco/tomcat/shared/classes/alfresco-global.properties
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap1:ldap
#Sync Settings
synchronization.synchronizeChangesOnly=false
synchronization.syncOnStartup=true
synchronization.syncWhenMissingPeopleLogIn=true
synchronization.import.cron=0 0 * * * ?
Step 2
root@home:~# mkdir -p /opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1
Step 3
Configuring common-ldap-context.xml, ldap-authentication.properties, ldap-authentication-context.xml
root@home:~# cp -p /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap/ldap-authentication-context.xml /opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/
root@home:~# cp -p /opt/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/common-ldap-context.xml /opt/Alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/
root@home:~# vi /opt/alfresco/tomcat/shared/classes/alfresco/extension/subsystems/Authentication/ldap/ldap1/ldap-authentication.properties
ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=cn=%s,ou=example,dc=com
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://ldap_server_ip:389
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.authentication.defaultAdministratorUserNames=admin
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.authentication=simple
ldap.synchronization.java.naming.security.principal=cn=Admin,dc=com
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(objectclass=posixGroup)
ldap.synchronization.groupDifferentialQuery=(&(objectclass=posixGroup)(!(modifyTimestamp<={0})))
ldap.synchronization.personQuery=(objectclass=posixAccount)
ldap.synchronization.personDifferentialQuery=(&(objectclass=posixAccount)(!(modifyTimestamp<={0})))
ldap.synchronization.groupSearchBase=ou=example,dc=com
ldap.synchronization.userSearchBase=ou=example,dc=Directory
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss’Z’
ldap.synchronization.userIdAttributeName=uid
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=o
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=posixGroup
ldap.synchronization.personType=posixAccount
ldap.synchronization.groupMemberAttributeName=memberUid
ldap.synchronization.enableProgressEstimation=true
Please make sure to provide proper LDAP server IP, login and with the directives
ldap.authentication.java.naming.provider.url=ldap://ldap_server_ip:389
ldap.synchronization.java.naming.security.principal=cn=Admin,dc=com
ldap.synchronization.java.naming.security.credentials=secret
ldap.authentication.defaultAdministratorUserNames=admin
Step 4
Log configuration
Add the following lines to the end of the given file
root@home:~# vi /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties
log4j.logger.org.alfresco.repo.importer.ImporterJob=debug
log4j.logger.org.alfresco.repo.importer.ExportSourceImporter=debug
log4j.logger.org.alfresco.repo.security.authentication.ldap=debug
Step 5
Stop/Start alfresco
root@home:~# /etc/init.d/alfresco stop
root@home:~# /etc/init.d/alfresco start
Back to top