Voraussetzungen
- Openoffice
apt-get install openoffice.org
- ImageMagick
apt-get install imagemagick
- SWFTools – siehe weiter unten
- Apache
apt-get install apache2
- Tomcat
apt-get install tomcat6
- MySQL + phpmyadmin
apt-get install mysql-server mysql-client phpmyadmin
- OpenJDK 6 JRE
apt-get install openjdk-6-jre --- sollte mit Tomcat bereits installiert werden
- MySQL JDBC-Connector
apt-get install libmysql-java
- ZIP
apt-get install zip
SWFTools
- von http://www.swftools.org/download.html herunterladen und entpacken (tar xzvf)
- folgende Packages installieren
apt-get install zlib1g-dev libjpeg62-dev libgif-dev libfreetype6-dev g++
- in den swftools-Ordner wechseln und ./configure ausführen – auf mögliche Fehler achten
- make
- make install
Hinweis: Möglicherweise muss die Datei swfs/Makefile editiert werden, wenn Fehler am Ende von make install auftritt (rm: invalid option — ). Hier in der File die betroffenen Zeilen suchen und die Parameter -o -L entfernen!
Hinweis: Es dürfte in Version 9.2 einen Bug geben, daher Version 9.1 verwenden!
Installation von Alfresco
- Herunterladen von alfresco-community-x.x.x.zip und alfresco-community-spp-x.x.x.zip über http://wiki.alfresco.com/wiki/Download_Community_Edition unter dem Punkt 1 auf “Custom Installs & Optional Modules”
- Unter /var einen Folder alfresco anlegen
cd /var mkdir alfresco
- Benutzer und Gruppe zuweisen
chown tomcat6.tomcat6 alfresco
- Die beiden heruntergeladenen Files in den Ordner /var/alfresco kopieren
- alfresco-community-x.x.x.zip in den Ordner alfresco_x.x.x entpacken (Ordner gegebenfalls anlegen)
Installation von alfresco.war und share.war inklusive des MS Sharepoint Connectors
- die alfresco.war und share.war Dateien (zu finden unter /var/alfresco/alfresco_4.0.d/web-server/webapps) in den Ordner /var/lib/tomcat6/webapps kopieren
- in den Ordner /var/alfresco/alfresco_x.x.x wechseln und einen Ordner amps erstellen
- vom Ordner /var/alfresco/alfresco-spp-x.x.x die alfresco-community-spp-x.x.x.amp in den zuvor erstellten Ordner kopieren
- die Datei apply_amps.sh (unter /var/alfresco/alfresco_x.x.x/bin) editieren und folgende Änderungen in den ersten beiden Zeilen durchführen:
export ALF_HOME=/var/alfresco/alfresco_4.0.d export CATALINA_HOME=/var/lib/tomcat6
- JAVA_HOME setzen
export JAVA_HOME="/usr/lib/jvm/java-6-openjdk"
- vom Ordner /var/alfresco/alfresco_x.x.x aus ./bin/apply_amps.sh ausführen und auf folgende Ausgabe achten:
This script will apply all the AMPs in ./amps and ./amps_share to the alfresco.war and share.war files in ./tomcat/webapps Press control-c to stop this script . . . Press any other key to continue . . . Module 'org.alfresco.module.vti' installed in '/var/lib/tomcat6/webapps/alfresco.war' - Title: Vti - Version: 1.2 - Install Date: Mon Apr 16 11:26:49 CEST 2012 - Description: Alfresco Vti Extension Module managment tool available commands: ----------------------------------------------------------- install: Installs a AMP file(s) into an Alfresco WAR file, updates if an older version is already installed. usage: install <AMPFileLocation> <WARFileLocation> [options] valid options: -verbose : enable verbose output -directory : indicates that the amp file location specified is a directory. All amp files found in the directory and its sub directories are installed. -force : forces installation of AMP regardless of currently installed module version -preview : previews installation of AMP without modifying WAR file -nobackup : indicates that no backup should be made of the WAR ----------------------------------------------------------- list: Lists all the modules currently installed in an Alfresco WAR file. usage: list <WARFileLocation> ----------------------------------------------------------- No modules are installed in this WAR file No modules are installed in this WAR file About to clean out ./tomcat/webapps/alfresco and ./tomcat/webapps/share directories and temporary files... Press control-c to stop this script . . . Press any other key to continue . . . Cleaning temporary Alfresco files from Tomcat...
Installation von MySQL JDBC
- neuesten MySQL JDBC Treiber herunterladen und die Datei mysql-connector-java-x.x.x-bin.jar entpacken
- die Datei in den Ordner /usr/share/tomcat6/lib kopieren
Berechtigungen überprüfen und setzen
- auf die kopierten Files und Ordner unter /var/lib/tomcat6 den Benutzer und die Gruppe auf tomcat6 setzen
MySQL Datenbank erstellen
- auf phpmyadmin verbinden und folgenden SQL-Befehl ausführen
create database alfresco character set utf8; grant all on alfresco.* to 'alfresco'@'localhost' identified by 'yourpassword' with grant option; grant all on alfresco.* to 'alfresco'@'localhost.localdomain' identified by 'yourpassword' with grant option;
Konfiguration
/var/lib/tomcat6/shared/classes/alfresco-global.properties
Die Konfiguration wie folgt durchführen
############################### ## Common Alfresco Properties # ############################### # # Sample custom content and index data location # dir.root=/var/alfresco/alf_data dir.keystore=${dir.root}/keystore # # Sample database connection properties # db.username=alfresco db.password=yourpassword db.name=alfresco db.host=localhost db.port=3306 #db.pool.validate.query=select 1 # # External locations #------------- #ooo.exe=soffice ooo.exe=/usr/bin/soffice ooo.enabled=true jodconverter.officeHome=/usr/lib/openoffice jodconverter.portNumbers=8101 jodconverter.enabled=true #img.root=./ImageMagick img.root=/var/alfresco/ImageMagick #swf.exe=./bin/pdf2swf swf.exe=/usr/local/bin/pdf2swf # # Property to control whether schema updates are performed automatically. # Updates must be enabled during upgrades as, apart from the static upgrade scripts, # there are also auto-generated update scripts that will need to be executed. After # upgrading to a new version, this can be disabled. # db.schema.update=true # # MySQL connection # #db.driver=org.gjt.mm.mysql.Driver db.driver=com.mysql.jdbc.Driver db.url=jdbc:mysql://localhost:3306/alfresco?useUnicode=yes&characterEncoding=UTF-8 #db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}?useUnicode=yes&characterEncoding=UTF-8 # # Oracle connection # #db.driver=oracle.jdbc.OracleDriver #db.url=jdbc:oracle:thin:@localhost:1521:alfresco # # SQLServer connection # Requires jTDS driver version 1.2.5 and SNAPSHOT isolation mode # Enable TCP protocol on fixed port 1433 # Prepare the database with: # ALTER DATABASE alfresco SET ALLOW_SNAPSHOT_ISOLATION ON; # #db.driver=net.sourceforge.jtds.jdbc.Driver #db.url=jdbc:jtds:sqlserver://localhost:1433/alfresco #db.txn.isolation=4096 # # PostgreSQL connection (requires postgresql-8.2-504.jdbc3.jar or equivalent) # #db.driver=org.postgresql.Driver #db.url=jdbc:postgresql://localhost:5432/alfresco # # Index Recovery Mode #------------- #index.recovery.mode=AUTO # # Outbound Email Configuration #------------- mail.host=your.mail.srv mail.port=25 #mail.username= #mail.password= mail.encoding=UTF-8 mail.from.default=alfresco@your.dom mail.smtp.auth=false # # Alfresco Email Service and Email Server #------------- # Enable/Disable the inbound email service. The service could be used by processes other than # the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service. #------------- #email.inbound.enabled=true # Email Server properties #------------- #email.server.enabled=true #email.server.port=25 #email.server.domain=your.dom #email.inbound.unknownUser=anonymous # A comma separated list of email REGEX patterns of allowed senders. # If there are any values in the list then all sender email addresses # must match. For example: # .*\@alfresco\.com, .*\@alfresco\.org #------------- email.server.allowed.senders=.*\@your\.dom, .*\@your\.second\.dom # # The default authentication chain # To configure external authentication subsystems see: # http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems #------------- #authentication.chain=alfrescoNtlm1:alfrescoNtlm # # URL Generation Parameters (The ${localname} token is replaced by the local server name) #------------- #alfresco.context=alfresco #alfresco.host=${localname} #alfresco.port=8080 #alfresco.protocol=http # #share.context=share #share.host=${localname} #share.port=8080 #share.protocol=http #imap.server.enabled=true #imap.server.port=1143 #imap.server.host=0.0.0.0 # Default value of alfresco.rmi.services.host is 0.0.0.0 which means 'listen on all adapters'. # This allows connections to JMX both remotely and locally. # alfresco.rmi.services.host=0.0.0.0 # # RMI service ports for the individual services. # These seven services are available remotely. # # Assign individual ports for each service for best performance # or run several services on the same port. You can even run everything on 50500 if needed. # # Select 0 to use a random unused port. # avm.rmi.service.port=50501 avmsync.rmi.service.port=50502 attribute.rmi.service.port=50503 authentication.rmi.service.port=50504 repo.rmi.service.port=50505 action.rmi.service.port=50506 wcm-deployment-receiver.rmi.service.port=50507 monitor.rmi.service.port=50508 #### # CIFS/SMB options #### cifs.domain=YOURADDOMAIN cifs.tcpipSMB.port=1445 cifs.netBIOSSMB.sessionPort=1139 cifs.netBIOSSMB.namePort=1137 cifs.netBIOSSMB.datagramPort=1138 ### # FTP properties ### ftp.port=1121 ### # IMAP options ### #imap.config.server.mountPoints=AlfrescoIMAP #imap.config.server.mountPoints.default.mountPointName=IMAP #imap.config.server.mountPoints.default.modeName=ARCHIVE #imap.config.server.mountPoints.default.store=${spaces.store} #imap.config.server.mountPoints.default.rootPath=/${spaces.company_home.childname}/cm:Imap_x0020_Home #imap.config.server.mountPoints.value.AlfrescoIMAP.mountPointName=Alfresco IMAP #imap.config.server.mountPoints.value.AlfrescoIMAP.modeName=ARCHIVE ### # AD-Authentication options # more options set seperately in tomcat6/shared/.../ldap/ldap-authentication ### #authentication.chain=youraddomainAD:ldap-ad,youraddomainADPassthru:passthru
LDAP und IMAP ist noch nicht aktiviert. Erster Start (/etc/init.d/tomcat6 start) von Alfresco kann durchgeführt werden. Es werden ein paar Fehler auftreten, danach gleich wieder stoppen (/etc/init.d/tomcat6 stop). Aber es sollte die Datenbank befüllt werden und die war-Files werde deployed. Danach muss man in den erstellten Files noch Änderungen durchführen.
Logging konfigurieren – /var/lib/tomcat6/shared/classes/webapps/share/WEB-INF/classes/log4j.properties
- log4j.appender.File.File=/var/log/tomcat6/alfresco.log
Logging konfigurieren – /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/log4j.properties
- log4j.appender.File.File=/var/log/tomcat6/alfresco.log
Keystore an die richtige Stelle kopieren
- cp -a /var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/keystore/ /var/alfresco/alf_data/
LDAP-aktivieren
- alfresco-global.properties anpassen (authentication.chain auskommentieren)
- default-synchronization.properties anpassen (/var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Synchronization/default/default-synchronization.properties)
# # This properties file is used to configure user registry syncronisation (e.g. LDAP) # # Should the scheduled sync job use differential or full queries on the user # registries to determine the set of local users to be updated? When true, # each user registry is only queried for those users and groups modified since # the most recent modification date of all the objects last queried from that # same source. When <code>false</code> then <i>all</i> users and groups are # queried from the user registry and updated locally. Nevertheless, a separate # query will be run by the scheduled sync job to determine deletions. synchronization.synchronizeChangesOnly=false # The cron expression defining when imports should take place ----- int this case every 3 minutes synchronization.import.cron=0 0/3 * * * ? # Should we trigger a differential sync when missing people log in? synchronization.syncWhenMissingPeopleLogIn=true # Should we trigger a differential sync on startup? synchronization.syncOnStartup=true # Should we auto create a missing person on log in? synchronization.autoCreatePeopleOnLogin=false # The number of entries to process before logging progress synchronization.loggingInterval=100 # The number of threads to use when doing a batch (scheduled or startup) sync synchronization.workerThreads=2
- ldap-ad-authentication.properties anpassen (/var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap-ad/ldap-ad-authentication.properties)
# This flag enables use of this LDAP subsystem for authentication. It may be # that this subsytem should only be used for synchronization, in which case # this flag should be set to false. ldap.authentication.active=true # # This properties file brings together the common options for LDAP authentication rather than editing the bean definitions # ldap.authentication.allowGuestLogin=false # How to map the user id entered by the user to taht passed through to LDAP # In Active Directory, this can either be the user principal name (UPN) or DN. # UPNs are in the form <sAMAccountName>@domain and are held in the userPrincipalName attribute of a user ldap.authentication.userNameFormat=%s@youraddomain.loc # The LDAP context factory to use ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory # The URL to connect to the LDAP server ldap.authentication.java.naming.provider.url=ldap://youraddomain.loc:389 # The authentication mechanism to use for password validation ldap.authentication.java.naming.security.authentication=simple # Escape commas entered by the user at bind time # Useful when using simple authentication and the CN is part of the DN and contains commas ldap.authentication.escapeCommasInBind=false # Escape commas entered by the user when setting the authenticated user # Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped, is # pulled in as part of an LDAP sync # If this option is set to true it will break the default home folder provider as space names can not contain \ ldap.authentication.escapeCommasInUid=false # Comma separated list of user names who should be considered administrators by default ldap.authentication.defaultAdministratorUserNames=Administrator # This flag enables use of this LDAP subsystem for user and group # synchronization. It may be that this subsytem should only be used for # authentication, in which case this flag should be set to false. ldap.synchronization.active=true # The authentication mechanism to use for synchronization ldap.synchronization.java.naming.security.authentication=simple # The default principal to bind with (only used for LDAP sync). This should be a UPN or DN ldap.synchronization.java.naming.security.principal=alfresco@youraddomain.loc # The password for the default principal (only used for LDAP sync) ldap.synchronization.java.naming.security.credentials=yourpassword # If positive, this property indicates that RFC 2696 paged results should be # used to split query results into batches of the specified size. This # overcomes any size limits imposed by the LDAP server. ldap.synchronization.queryBatchSize=1000 # If positive, this property indicates that range retrieval should be used to fetch # multi-valued attributes (such as member) in batches of the specified size. # Overcomes any size limits imposed by Active Directory. ldap.synchronization.attributeBatchSize=1000 # The query to select all objects that represent the groups to import. ldap.synchronization.groupQuery=(&(objectclass\=group)(|(CN\=alfresco-group1)(memberOf\=cn\=alfresco-group1,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc)(|(CN\=alfresco-group2)(memberOf\=cn\=alfresco-group2,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc)))) # The query to select objects that represent the groups to import that have changed since a certain time. ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(|(CN\=alfresco-group1)(memberOf\=cn\=alfresco-group1,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc)(|(CN\=alfresco-group2)(memberOf\=cn\=alfresco-group2,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc)))(!(modifyTimestamp<\={0}))) # The query to select all objects that represent the users to import. ldap.synchronization.personQuery=(&(objectclass\=user)(|(memberOf\=cn\=alfresco-group1,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc)(memberOf\=cn\=alfresco-group2,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)) # The query to select objects that represent the users to import that have changed since a certain time. ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(|(memberOf\=cn\=alfresco-group1,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc)(memberOf\=cn\=alfresco-group2,OU\=ORGANIZATION,dc\=youraddomain,dc\=loc))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0}))) # The group search base restricts the LDAP group query to a sub section of tree on the LDAP server. ldap.synchronization.groupSearchBase=ou\=ORGANIZATION,dc\=youraddomain,dc\=loc # The user search base restricts the LDAP user query to a sub section of tree on the LDAP server. ldap.synchronization.userSearchBase=ou\=ORGANIZATION,dc\=youraddomain,dc\=loc # The name of the operational attribute recording the last update time for a group or user. ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp # The timestamp format. Unfortunately, this varies between directory servers. ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z' # The attribute name on people objects found in LDAP to use as the uid in Alfresco ldap.synchronization.userIdAttributeName=sAMAccountName # The attribute on person objects in LDAP to map to the first name property in Alfresco ldap.synchronization.userFirstNameAttributeName=givenName # The attribute on person objects in LDAP to map to the last name property in Alfresco ldap.synchronization.userLastNameAttributeName=sn # The attribute on person objects in LDAP to map to the email property in Alfresco ldap.synchronization.userEmailAttributeName=mail # The attribute on person objects in LDAP to map to the organizational id property in Alfresco ldap.synchronization.userOrganizationalIdAttributeName=company # The default home folder provider to use for people created via LDAP import ldap.synchronization.defaultHomeFolderProvider=largeHomeFolderProvider # The attribute on LDAP group objects to map to the authority name property in Alfresco ldap.synchronization.groupIdAttributeName=cn # The attribute on LDAP group objects to map to the authority display name property in Alfresco ldap.synchronization.groupDisplayNameAttributeName=displayName # The group type in LDAP ldap.synchronization.groupType=group # The person type in LDAP ldap.synchronization.personType=user # The attribute in LDAP on group objects that defines the DN for its members ldap.synchronization.groupMemberAttributeName=member # If true progress estimation is enabled. When enabled, the user query has to be run twice in order to count entries. ldap.synchronization.enableProgressEstimation=true
- passthru-authentication-context.properties anpassen (/var/lib/tomcat6/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/passthru/passthru-authentication-context.properties)
passthru.authentication.useLocalServer=false passthru.authentication.domain=youraddomain passthru.authentication.servers=YOURADDOMAIN\\firstADsrv.youraddomain.loc,YOURADDOMAIN\\secondADsrv.youraddomain.loc passthru.authentication.guestAccess=false passthru.authentication.defaultAdministratorUserNames=administrator #Timeout value when opening a session to an authentication server, in milliseconds passthru.authentication.connectTimeout=5000 #Offline server check interval in seconds passthru.authentication.offlineCheckInterval=300 passthru.authentication.protocolOrder=NetBIOS,TCPIP passthru.authentication.authenticateCIFS=true passthru.authentication.authenticateFTP=true
- Tomcat neustarten
Kommentare