Alfresco on Windows Server with Active Directory Authentication

Alfresco LogoLet’s be honest about this: the documentation for Alfresco, the SharePoint-like Enterprise Content Management System is opaque.

Today, I installed the free Community Edition of Alfresco on a Windows Server 2008 R2 virtual machine. The first thing I wanted to do was connect it to Active Directory in order to delegate authentication duties to my domain controllers. I didn’t find the documentation particularly helpful. So here’s what I did:

  1. You won’t be able to do this until you’ve fired up the TomCat server at least once – that causes the creation of the necessary files and folders.
  2. Find the repository.properties file. In the default installation, it will be in the folder, C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco. Open it with your favourite text editor – preferably not Notepad, since the file has Unix line endings, which Notepad won’t handle correctly.
  3. In that file, find the line authentication.chain=alfrescoNtlm1:alfrescoNtlm. Change it to read authentication.chain=ldap-ad1:ldap-ad,alfrescoNtlm1:alfrescoNtlm and save the file.
  4. Next, go to C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap-ad (or similar, if you chose to install in a different location). You need to edit the file ldap-ad-authentication.properties, but note that you may need to run your text editor as Administrator in order to be able to save your changes. Make the following edits:
    1. Insert your domain: ldap.authentication.userNameFormat=%s@mydomain.local
    2. Put connection details for your DC: ldap.authentication.java.naming.provider.url=ldap://pdc1.mydomain.local:389
    3. Choose an administrator for Alfresco, from your AD list of users: ldap.authentication.defaultAdministratorUserNames=superuser
    4. Insert the administrator’s UPN: ldap.synchronization.java.naming.security.principal=[email protected]
    5. Add the administrator’s password. Yes, in plain text. Yes, this is very bad. Take all necessary precautions: ldap.synchronization.java.naming.security.credentials=someP4ssword
    6. Put the search base (possibly a subset of your AD tree) for groups: ldap.synchronization.groupSearchBase=OU\=My Groups,DC\=mydomain,DC\=local – NB this is case sensitive, and the extra backslashes are required
    7. Put the search base (possibly a subset of your AD tree) for users: ldap.synchronization.userSearchBase=OU\=My Users,DC\=mydomain,DC\=local – again, this is case sensitive, and the extra backslashes are required
  5. Use the Alfresco Manager Tool to restart the services.

From Alfresco, you should now be able to browse users and groups from whichever OU you used.


Note: I initially did all the above using Alfresco 4.2c, only to discover there are some bugs relating to SharePoint in that release. The recommended solution until a later version is released is to try one of the nightly builds.

Alfresco logo copyright © Alfresco Software, Inc..

SOLVED: Samsung Galaxy Note II stuck on Samsung logo

Samsung Galaxy Note IIThe Galaxy Note 2 (GT-N7105). What a phone. “Too big!” you say? “I can’t see what the problem is,” I say.

Imagine my dismay then this morning, when I discovered my favourite gadget had rebooted itself (without my permission) and was sat on the animated Samsung logo, quietly glowing to itself, most pathetically. Every few seconds, the haptic motor clicked, like a feeble death rattle.

“Curtains”, I thought.

“Pull yourself together man!” I thought.

After removing the battery, rebooting and generally pleading for a reprieve failed to achieve any results, I took stock and started panicking about how many days it was since I last took a backup. A factory reset loomed.

With one last gasping hope I tried rebooting into safe mode. On the Note 2, from a powered off state, you keep the “volume down” button depressed while powering up. Also, keep the power button pressed until the Samsung logo appears.

To my great relief, the phone booted up in safe mode. I restarted the phone from there and it powered up normally. Next job: perform a backup!

Sadly, this won’t fix physical faults with your phone. Sorry if it doesn’t work for you.

Samsung Galaxy Note II image copyright © SamsungTomorrow, licensed under Creative Commons. Used with permission.