Open Source Document Management System | OpenKM

Because information matters
https://forum.openkm.com/

configuración exitosa ActiveDirectory+OpenKM 5.1.8-2Linux

https://forum.openkm.com/viewtopic.php?t=5623

Page 1 of 1

configuración exitosa ActiveDirectory+OpenKM 5.1.8-2Linux

PostPosted:Thu Jan 05, 2012 6:36 pm
by viperboot
Gracias a tod@s los que aportaron al foro y a la documentación he podido configurar el servicio openkm 5.1.8-2 en una maquina core 2 duo + 4gb ram + linux 3.0 > linux mint 12 autenticando con un servidor active directory 2008r2 + ldap:389

Hago este aporte a manera de agradecimiento con mi configuración para que si alguien mas le necesita la use y no dure tres días intentando de todo 8)

Se requieren unos conocimientos básicos de ad y ldap y muchos de gnu/linux pero esto ya es un empujón...., este ejemplo NO ESTA DEL TODO completo, se han agregado los fragmentos mas importantes de los archivos de configuración asi que NO HAY GARANTÍA de que se ajuste a los requisitos de nadie.

Si desea se puede coordinar la instalación de openkm para organizaciones, se me puede contactar en <danielcordero [at] fastmail [dot] fm>

login-config.xml:
Code: Select all
<policy>

<application-policy name="OpenKM">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
  <module-option name="java.naming.provider.url">ldap://#IpServidorAD#</module-option>
  <module-option name="bindDN">CN=#AdminRWDominio#,OU=OpenKM,dc=#Dominio#,dc=com</module-option>
  <module-option name="java.naming.referral">follow</module-option>
  <module-option name="java.naming.security.authentication">simple</module-option>
  <module-option name="bindCredential">#PassAdminRWDominio#</module-option>
  <module-option name="baseCtxDN">dc=#Dominio#,dc=com</module-option>
  <module-option name="baseFilter">(&(sAMAccountName={0})(objectClass=user))</module-option>
  <module-option name="rolesCtxDN">OU=OpenKM,dc=#Dominio#,dc=com</module-option>
  <module-option name="roleFilter">(member={1})</module-option>
  <module-option name="roleAttributeID">cn</module-option>
  <module-option name="roleAttributeIsDN">false</module-option>
  <module-option name="roleRecursion">-1</module-option>
  <module-option name="searchScope">SUBTREE_SCOPE</module-option>
  <module-option name="allowEmptyPasswords">false</module-option>
  <!--<module-option name="defaultRole">UserRole</module-option>-->

</login-module>
</authentication>
</application-policy>

-----------------------------------------------------------------------------------------

software especial instalado en la maquina:
cuneiform
swftools
imagemagick
libreoffice3.4



OpenKM.cfg:
Code: Select all
hibernate.dialect=org.hibernate.dialect.HSQLDialect
application.url=http://localhost:8080/OpenKM/frontend/index.jsp

max.file.size=50
system.ocr=/usr/bin/cuneiform ${fileIn} -o ${fileOut}
default.lang=es-ES
system.login.username.lowercase=on

system.swftools.pdf2swf=/usr/bin/pdf2swf
system.ghostscript.ps2pdf=/usr/bin/ps2pdf
system.imagemagick.convert=/usr/bin/convert

system.openoffice=on

system.openoffice.path=/usr/lib/libreoffice
system.openoffice.tasks=5
system.openoffice.port=8100
system.openoffice.dictionary=/opt/openkm/es_CO.oxt

chat.enabled=off
chat.autologin=off

system.keyword.lowercase=on
hibernate.hbm2ddl = none

principal.adapter=com.openkm.principal.LdapPrincipalAdapter


principal.ldap.security.principal=#AdminRWDominio#@#Dominio#.com
principal.ldap.security.credentials=#PassAdminRWDominio#
--------------------------------------------------------------------------------------------------------------------

Configuración web:
Code: Select all
Key	Type	Value 	 
application.url	String 	http://localhost:8080/OpenKM/frontend/index.jsp
cache.home	String 	/opt/openkm/cache
default.admin.role	String 	AdminRole
default.lang	String 	es-ES
default.script	Text 	print("UserId: "+session.getUserID()); print("EventType: "+eventType); print("EventNode: "+eventNode.getPath()); print("ScriptNode: "+scriptNode.getPath());
default.user.role	String 	UserRole
experimental.mobile.context	String 	mobile
experimental.plugin.debug	Boolean 	Inactive
experimental.text.extraction	Boolean 	Inactive
kea.automatic.keyword.extraction.number	Integer 	0
kea.automatic.keyword.extraction.restriction	Boolean 	Inactive
kea.model.file	String 		
kea.stopwords.file	String 		
kea.thesaurus.base.url	String 		
kea.thesaurus.owl.file	String 		
kea.thesaurus.skos.file	String 		
kea.thesaurus.tree.childs	Text 		
kea.thesaurus.tree.root	Text 		
kea.thesaurus.vocabulary.serql	Text 		
logo.login	File 		
logo.mobile	File 		
logo.report	File 		
logo.text	String 	 
max.file.size	Long 	64
max.search.results	Integer 	261006
notification.message.body	Text 	<b>Document: </b><a href="${documentUrl}">${documentPath}</a><br/><b>User: </b>${userId}<br/><b>Message: </b>${notificationMessage}<br/>
notification.message.subject	Text 	OpenKM - NOTIFICATION - ${documentName}
notify.twitter.password	String 		
notify.twitter.status	Text 	OpenKM - ${documentUrl} - ${documentPath} - ${userId} - ${eventType}
notify.twitter.user	String 		
principal.adapter	String 	com.openkm.principal.LdapPrincipalAdapter
principal.database.filter.inactive.users	Boolean 	Active
principal.ldap.mail.attribute	String 	mail
principal.ldap.mail.search.base	String 	cn={0},cn=OpenKM,dc=#Dominio#,dc=com
principal.ldap.mail.search.filter	String 	(&(objectclass=person)(sAMAccountName={0}))
principal.ldap.referral	String 	follow
principal.ldap.role.attribute	String 	sAMAccountName
principal.ldap.role.search.base	String 	OU=OpenKM,dc=#Dominio#,dc=com
principal.ldap.role.search.filter	String 	(&(objectclass=group)(memberOf=cn=OpenKM,ou=OpenKM,dc=#Dominio#,dc=com))
principal.ldap.roles.by.user.attribute	String 	memberOf
principal.ldap.roles.by.user.search.base	String 	OU=OpenKM,dc=#Dominio#,dc=com
principal.ldap.roles.by.user.search.filter	String 	(sAMAccountName={0})
principal.ldap.security.credentials	String 	#PassAdminRWDominio#
principal.ldap.security.principal	String 	#AdminRWDominio#@#Dominio#.com
principal.ldap.server	String 	ldap://#IpServidorAD#
principal.ldap.user.attribute	String 	cn
principal.ldap.user.search.base	String 	dc=#Dominio#,dc=com
principal.ldap.user.search.filter	String 	(&(objectclass=user)(memberOf=OU=OpenKM,dc=#Dominio#,DC=com))
principal.ldap.users.by.role.attribute	String 	member
principal.ldap.users.by.role.search.base	String 	OU=OpenKM,dc=#Dominio#,dc=com
principal.ldap.users.by.role.search.filter	String 	(sAMAccountName={0})
registered.text.extractors	Text 	org.apache.jackrabbit.extractor.PlainTextExtractor org.apache.jackrabbit.extractor.MsWordTextExtractor org.apache.jackrabbit.extractor.MsExcelTextExtractor org.apache.jackrabbit.extractor.MsPowerPointTextExtractor org.apache.jackrabbit.extractor.OpenOfficeTextExtractor org.apache.jackrabbit.extractor.RTFTextExtractor org.apache.jackrabbit.extractor.HTMLTextExtractor org.apache.jackrabbit.extractor.XMLTextExtractor org.apache.jackrabbit.extractor.PngTextExtractor org.apache.jackrabbit.extractor.MsOutlookTextExtractor com.openkm.extractor.PdfTextExtractor com.openkm.extractor.AudioTextExtractor com.openkm.extractor.ExifTextExtractor com.openkm.extractor.CuneiformTextExtractor com.openkm.extractor.SourceCodeTextExtractor com.openkm.extractor.MsOffice2007TextExtractor
repository.config	String 	/opt/openkm/repository.xml
repository.home	String 	/opt/openkm/repository
restrict.file.extension	String 	*~,*.bak
restrict.file.mime	Boolean 	Inactive
schedule.dashboard.refresh	Long 	30
schedule.mail.importer	Long 	0
schedule.repository.info	Long 	1440
schedule.session.keepalive	Long 	15
subscription.message.body	Text 	<b>Document: </b><a href="${documentUrl}">${documentPath}</a><br/><b>User: </b>${userId}<br/><b>Event: </b>${eventType}<br/><b>Comment: </b>${subscriptionComment}<br/>
subscription.message.subject	Text 	OpenKM - ${eventType} - ${documentPath}
system.antivir	String 		
system.apache.request.header.fix	Boolean 	Inactive
system.demo	Boolean 	Inactive
system.document.name.mismatch.check	Boolean 	Active
system.dwg2dxf	String 		
system.ghostscript.ps2pdf	String 	/usr/bin/ps2pdf
system.imagemagick.convert	String 	/usr/bin/convert
system.keyword.lowercase	Boolean 	Active
system.login.lowercase	Boolean 	Active
system.maintenance	Boolean 	Inactive
system.ocr	String 	/usr/bin/cuneiform ${fileIn} -o ${fileOut}
system.openoffice.dictionary	String 	/opt/openkm/es_CO.oxt
system.openoffice.path	String 	/usr/lib/libreoffice
system.openoffice.port	Integer 	8100
system.openoffice.server	String 	127.0.0.1
system.openoffice.tasks	Integer 	200
system.pdf.force.ocr	Boolean 	Inactive
system.previewer	String 	zviewer
system.readonly	Boolean 	Inactive
system.swftools.pdf2swf	String 	/usr/bin/pdf2swf
system.webdav.fix	Boolean 	Inactive
system.webdav.server	Boolean 	Inactive
update.info	Boolean 	Active
user.assign.document.creation	Boolean 	Active
user.item.cache	Boolean 	Active
user.keywords.cache	Boolean 	Inactive
validator.password	String 	com.openkm.validator.password.NoPasswordValidator
validator.password.max.length	Integer 	0
validator.password.min.digits	Integer 	0
validator.password.min.length	Integer 	0
validator.password.min.lowercase	Integer 	0
validator.password.min.uppercase	Integer 	0
validator.password.mini.special	Integer 	0
workflow.run.config.form	String 	run_config
workflow.start.task.auto.run	Boolean 	Active
zoho.api.key	String 		
zoho.password	String 		
zoho.secret.key	String 		
zoho.user	String
--------------------------------------------------------------------------------------------------

Como mint esta basado en debian, en /etc/init.d/libreoffice se escribe:
Code: Select all
#!/bin/bash
# openoffice.org headless server script
#
# chkconfig: 2345 80 30
# description: headless libreoffice server script
# processname: libreoffice
#
# Author: Vic Vijayakumar
# Modified by Paco Avila and Federico Ch. Tomasczik
# Then hacked by Daniel Cordero
#
SOFFICE=/usr/bin/soffice
PIDFILE=/var/run/libreoffice-server.pid
set -e
case "$1" in
    start)
        if [ -f $PIDFILE ]; then
            echo "OpenOffice headless server has already started."
            exit
        fi
        echo "Starting OpenOffice headless server"
        $SOFFICE  --headless --nofirststartwizard --accept="socket,host=localhost,port=8100;urp;StarOffice.Service" & > /dev/null 2>&1
        touch $PIDFILE
        ;;
    stop)
        if [ -f $PIDFILE ]; then
            echo "Stopping OpenOffice headless server."
            killall -9 soffice.bin
	    # pkill soffice.bin
            rm -f $PIDFILE
            exit
        fi
        echo "Openoffice headless server is not running."
        exit
        ;;
    *)
        echo "Usage: $0 {start|stop}"
        exit 1
esac
exit 0
y se ejecuta el comando
Code: Select all
update-rc.d libreoffice defaults
Comentar es agradecer.


---------------------------------------------------------
Yahushua Lives

Re: configuración exitosa ActiveDirectory+OpenKM 5.1.8-2Linu

PostPosted:Mon Jan 09, 2012 6:24 pm
by pavila
Un par de detalles a comentar:

1.- En OpenKM 5.1.8 el fichero OpenKM.cfg sólo se usa para la configuración de Hibernate. El resto de parámetros deberías configurarlos a través de la Administración (web, para que nos entendamos)

2.- El parámetro de configuración system.openoffice ya no se usa en OpenKM 5.1.8, sino que debería usarse system.openoffice.path donde se le especifica la ruta a una instalación de OpenOffice / LibreOffice. (Ver http://wiki.openkm.com/index.php/OpenKM ... ntegration)

3.- Por el mismo motivo que en el punto 3, no es necesario ejecutar OpenOffice / LibreOffice como un daemon pq eso ya lo gestionar directamente OpenKM.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited