Windows Server – VM System Date/Time

September 4, 2014 Leave a comment

 We all know how important System Date/Time is; whether the server is in VM or not.

Right now, I have one problem that I cannot resolve, Time Server in my VM Machines. Our user called me and said that the timestamp on their application is wrong. I checked the Time is our Server and true enough the time is advance by 8 hours.

I reconfigured the Date and Time Settings, Changed the Time Zone, Region and Languages to no avail. The time didn’t change a bit. Changing the Date and Time manually resolved the issue but eventually, the same problem will come back and knock at your door. Have to fix this the proper way.

This problem exists for number of days now and the VM/Server is already in production with temporary solution.

Go back to google and search for another solution, but I was looking for this for days now. Nothing is registering on my mind… same solution, different wordings… Got to wake up. Have a break and take some coffee. Go back in my workstation, staring at my VM’s settings while taking coffee.

VMS

Clicking on each options one by one, Hardware, Management, back to Hardware again, Management. Until I emptied my coffee and shoot it in the trash bin (darn! coffee drips on my shirt!) – Counted! 2 point for System Admin 0 for problem resolution.

When I faced my workstation I noticed that my screen is in Management à Integrated Services All Service Offered and on the right side there’s TIME SYNCHRONIZATIOOOONNN.

TS

I immediately disabled the Time Synchronization on my Test VM and log in.  Check the system date and… DARN! No changes! System Date/Time is still off.  I remembered that Windows has one rule in making system changes. You have to restart the machine for the changes to take effect.

Reboot the VM. Waiting for VM to boot. Waiting… waiting… waiting…

VM booted. Login and check the System Date/Time. Yeheeyyy! System date is now CORRECCCT!

2 points for System Admin and 2 points for problem resolved.  Game clock 0.0 and the game is sets for an Over Time.

 

 

 

 

Categories: Virtual Machine

Alfresco – Desktop Action

October 7, 2010 2 comments

How’s your Alfresco doing?

In my case, we’re going for implementation after weeks of testing and some modifications.

Well, I don’t want to see those CheckIn/Checout in every folder (and my user’s agree with me).  My users keeps asking me about it (wishper: I changed the File Server for some users without their knowledge for testing.  Don’t do this or your head will ROLL!).  For them Alfresco is like the same Windows File Server.  I like it that way for simplicity and I will introduce more functionality when we role out the entire Alfresco system.

NOTE:  To disable the feature, you have to put a comment on each property.

<– Enclosed in this arrow are comments
–>

1st – I want to change the Alfresco name into my company name.

Crate a file /opt/alfresco/tomcat/shared/classes/alfresco/extension/webclient_en_US.properties and put your company name

# cd /opt/alfresco/tomcat/shared/classes/alfresco/extension/
# vi webclient_en_US.properties

and put

company_home=Your Company Name

 

2nd – disable the URLFileName and the Desktop actions.  These are the extra files that you see in every folder and everytime you create a folder.  For me I don’t see them helping my users to deal with their files/folder.

Edit the /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers-context.xml

# cd /opt/alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default
# vi file-servers-context.xml

Look for the following and comment it like below

<!– Add a URL file to each folder that links back to the web client –>
<!–
<property name=”URLFileName”>
<value>__Alfresco.url</value>
</property>
–>

and for Desktop Actions

<!–
<bean>
<property name=”name”>
<value>CheckInOut</value>
</property>
<property name=”filename”>
<value>__CheckInOut.exe</value>
</property>
</bean>
<bean>
<property name=”name”>
<value>JavaScriptURL</value>
</property>
<property name=”filename”>
<value>__ShowDetails.exe</value>
</property>
<property name=”scriptName”>
<value>alfresco/desktop/showDetails.js</value>
</property>
</property>
<property name=”attributeList”>
<value>anyFiles</value>
</property>
<property name=”preprocess”>
<value>copyToTarget</value>
</property>
</bean>
–>

Restart your Alfresco and check your alfresco in windows file explorer.

How was it?  Now, it’s just like the old Windows File Server right?!

Installing Apache and PHP

September 9, 2010 Leave a comment

Have you installed a database server and wish you could have installed a web server and php on it to so that you can create your own script to manage the database?

Unfortunately, I came across that situation.

Installing new daemon/server into Linux is an easy task and you don’t have to restart your server.  This is a good news for you, that means no downtime for database server.

Let’s start with the installation.

1.  Install the Apache Server – Linux server will download some files to be installed and after installing the Apache server, apt-get will start it for you.

# apt-get install apache2

Now, you have a running web server.  To test your server:

2.  Install PHP5 – Linux server will download all files needed to install PHP5 into your server then apt-get will restart the web server for you.

# apt-get install php5

If web server is not restarted, don’t worry about it for now coz, we have to install the PHP5 module for your web server.

3.  Install PHP5 module for Apache

# apt-get install libapache2-mod-php5

If your web server was not restarted, you have to restart it manually.

# /etc/init.d/apache2 restart

To test PHP5, create info.php to view the PHP5 configuration.

<?php
phpinfo();
?>

Check PHP5 configuration in your browser, type in “http://<Apache.Server.IP.Address>/info.php&#8221; and you should see the PHP5 configuration.

And… You’re done!

Categories: Linux

Mounting nfs share on boot

July 26, 2010 1 comment

Have you encountered that your mounted nfs folder disappeared after the server reboot (for whatever reason)?

Very frustrating huh?!

I will show you how to mount and will not lose the connection.

Let’s check what are the shared folder exported from our NFS server.

# showmount -e <nfs.server.ip.address>
The program ‘showmount’ is currently not installed.  You can install it by typing:
apt-get install nfs-common
showmount: command not found

Arg!!! showmount is not installed.  Have to install it first using apt-get.

# apt-get install nfs-common

Now we can view the shared folder from our NFS server.

# showmount -e <nfs.server.ip.address>
Export list for <nfs.server.ip.address>:
/mnt/<shared_folder> <nfs.server.ip.address>/255.255.255.0

Let’s try to mount it to test if we will not encounter any problem in mounting the shared folder.

# mount <nfs.server.ip.address>:/mnt/<shared_folder> /home/<user>/<new_folder>

We can check the newly mounted share using df.

# df -k
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/sda3             48425796   3339580  42626264   8% /
udev                    509032       248    508784   1% /dev
none                    509032         0    509032   0% /dev/shm
none                    509032       112    508920   1% /var/run
none                    509032         0    509032   0% /var/lock
none                    509032         0    509032   0% /lib/init/rw
<raid.server.ip.address>:/mnt/<shared.folder> 511900416 139367936 346531840  29% /home/<user>/<new_folder>

Neat! It was mounted without any problem.

Mounting it without losing it on boot is not that hard.  We have to edit the /etc/fstab

# vi /etc/fstab

Add this line at the bottom the details that you saw when you viewed the shared folder from our NFS server (see above).

<raid.server.ip.address>:/mnt/<shared.folder>       /home/<user>/<new_folder>       nfs     rw  0       0

Reboot the server and watch the magic as it happens.

Check the mounted shared folder using df.

Neat!

Categories: Linux

Add Alfresco on bootup

July 25, 2010 2 comments

Ola amigos y amigas

Just finished everything from Alfresco with CIFS a few days ago.  I have to test everything from start to simulate all the changes that I made is working properly.

Reboot the server.

Check the Alfresco in my browser.  It’s not working, expected result.

But, I want my Alfresco to start at boot so that I don’t have to manually start it everytime I boot my server.

Let’s see…

I need to add alfresco script to start-up application.

# cd /opt/alfresco/33G
# update-rc.d alfresco.sh defaults
update-rc.d: warning: /etc/init.d/alfresco.sh missing LSB information
update-rc.d: see <http://wiki.debian.org/LSBInitScripts&gt;
Adding system startup for /etc/init.d/alfresco.sh …
/etc/rc0.d/K20alfresco.sh -> ../init.d/alfresco.sh
/etc/rc1.d/K20alfresco.sh -> ../init.d/alfresco.sh
/etc/rc6.d/K20alfresco.sh -> ../init.d/alfresco.sh
/etc/rc2.d/S20alfresco.sh -> ../init.d/alfresco.sh
/etc/rc3.d/S20alfresco.sh -> ../init.d/alfresco.sh
/etc/rc4.d/S20alfresco.sh -> ../init.d/alfresco.sh
/etc/rc5.d/S20alfresco.sh -> ../init.d/alfresco.sh
#

Reboot the machine again.  Now, Alfresco started.  Nice!

Tried Alfresco in Windows Explorer.  No dice.

Just remembered that I have to run the iptables again.  Argg!

I need to create the iptables script and execute it on boot like alfresco script.

# cd /etc/init.d
# vi alfresco.iptables

Put in the iptables commands

#!/bin/bash
# Flash all IPTables rule
iptables -F
iptables -t nat -F

# Accept all INPUT, Forward and Output
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

# IPTables forwarding samba port to Alfresco
iptables -A INPUT -p udp -m state –state NEW –dport 137 -j ACCEPT
iptables -A INPUT -p udp -m state –state NEW –dport 138 -j ACCEPT
iptables -A INPUT -p tcp -m state –state NEW –dport 139 -j ACCEPT
iptables -A INPUT -p tcp -m state –state NEW –dport 445 -j ACCEPT

#IPTables for Alfresco
iptables -t nat -A PREROUTING -p udp –dport 137 -j REDIRECT –to-ports 1137
iptables -t nat -A PREROUTING -p udp –dport 138 -j REDIRECT –to-ports 1138
iptables -t nat -A PREROUTING -p tcp –dport 139 -j REDIRECT –to-ports 1139
iptables -t nat -A PREROUTING -p tcp –dport 445 -j REDIRECT –to-ports 1445

Make it executable and run update-rc.d again.

# chmod 755 alfresco.iptables
# update-rc.d alfresco.iptables defaults
update-rc.d: warning: /etc/init.d/alfresco.iptables missing LSB information
update-rc.d: see <http://wiki.debian.org/LSBInitScripts&gt;
Adding system startup for /etc/init.d/alfresco.iptables …
/etc/rc0.d/K20alfresco.sh -> ../init.d/alfresco.iptables
/etc/rc1.d/K20alfresco.sh -> ../init.d/alfresco.iptables
/etc/rc6.d/K20alfresco.sh -> ../init.d/alfresco.iptables
/etc/rc2.d/S20alfresco.sh -> ../init.d/alfresco.iptables
/etc/rc3.d/S20alfresco.sh -> ../init.d/alfresco.iptables
/etc/rc4.d/S20alfresco.sh -> ../init.d/alfresco.iptables
/etc/rc5.d/S20alfresco.sh -> ../init.d/alfresco.iptables
#

Reboot Alfresco Server again.

Test Alfresco.

Isn’t it nice when your application runs perfectyly😀

Alfresco with CIFS

July 20, 2010 11 comments

After successfull configuration on Alfresco authenticating in Active Directory.  We will try the hardest part in Alfresco configuration.

Alfresco with CIFS

I tried configuring this for weeks now to no avail.  Search in Google, Yahoo, Bing, etc.  No luck still.

Finally I hit a jackpot!

Let me tell you how I did it.

I only edit the /opt/alfresco/tomcat/shared/classes/alfresco-global.properties and didn’t touch any file other than this.  Remember to put your configuration at the end of the file.

Authentication chain should be alfrescoNtlm, passthru and ldap.

authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap

why 3?

Based on Alfresco Wiki – ldap can synchronize with Active Directory (which is what we did in previous blog) while passthru can do authentication for CIFS.  Read carefully the Note, it will save you a head ache.

Alfresco NTLM, passthru and ldap configuration for CIFS

ntlm.authentication.sso.enabled=false
ntlm.authentication.authenticateCIFS=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=false
passthru.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=true
ldap.authentication.active=false
ldap.synchronization.active=true

Authentication domain can be left blank while the authentication server

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=<NetBIOS.DOMAIN>\\<Your.ActiveDirectory.IP.Address>

I don’t want unknown users to connect into my Alfresco server.

ntlm.authentication.sso.enables=false
ntlm.authentication.mapUnknownUserToGuest=false

I don’t want to use FTP

passthru.authentication.authenticateFTP=false

Define the administrator accounts separated by coma.  In my case, I want my Administrator account.

passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=administrator
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS

Ldap Synchronisation – have to define the authentication type and the authentication server url

ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://<Your.ActiveDirectory.IP.Address>:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false

We need to provide the Active Directory account with Administrator privileges to bind with Active Directory.

ldap.synchronization.java.naming.security.principal=<NetBIOS>\\administrator
ldap.synchronization.java.naming.security.credentials=<Administrator.password>
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupDifferentialQuery=(&(objectclass=nogroup)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(& (objectclass=user)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupQuery=(objectclass\=group)

Synchronization for group and user per domain.

ldap.synchronization.groupSearchBase=cn\=users,dc=<your.domain>,dc=com
ldap.synchronization.userSearchBase=cn\=users,dc=<your.domain>,dc=com

The query that we want to pass to Active Directory

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss’.0Z’
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=Nogroup
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=true

CIFS Configuration.

cifs.disableNativeCode=false
cifs.enabled=true
cifs.serverName=<Alfresco.server.name>
cifs.domain=<NetBIOS.Domain>
cifs.hostannounce=true
cifs.sessionTimeout=500
cifs.ipv6.enabled=false
cifs.tcpipSMB.port=1445
cifs.netBIOSSMB.namePort=1137
cifs.netBIOSSMB.datagramPort=1138
cifs.netBIOSSMB.sessionPort=1139
cifs.WINS.autoDetectEnabled=true

Save and start Alfresco.

I’m accessing alfresco as alfresco_user.  That means I don’t have privilege to use SMB ports.  IPTables comes in handy.  (whisper:  I got this from Alfresco wiki ;))

# iptables -F
# iptables -t nat -F
# iptables -P INPUT ACCEPT
# iptables -P FORWARD ACCEPT
# iptables -P OUTPUT ACCEPT
# iptables -t nat -A PREROUTING -p tcp –dport 445 -j REDIRECT –to-ports 1445
# iptables -t nat -A PREROUTING -p tcp –dport 139 -j REDIRECT –to-ports 1139
# iptables -t nat -A PREROUTING -p udp –dport 137 -j REDIRECT –to-ports 1137
# iptables -t nat -A PREROUTING -p udp –dport 138 -j REDIRECT –to-ports 1138

In my case I opened three terminal, one is for Alfresco log monitoring in case there’s an error and second is to modify alfresco-global.properties and the third is to start/stop alfresco.

alf_start.sh

Neat eh!  No error.  We’ll try to connect to Alfresco from windows xp.

ERROR [org.alfresco.fileserver] java.lang.IllegalArgumentException: NetworkFile does not implement NetworkFileStateInterface
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.server.filesys.cache.FileStateLockManager.lockFile(FileStateLockManager.java:147)
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.NTProtocolHandler.procLockingAndX(NTProtocolHandler.java:2104)
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.NTProtocolHandler.runProtocol(NTProtocolHandler.java:299)
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBSrvSession.runHandler(SMBSrvSession.java:1366)
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBSrvSession.processPacket(SMBSrvSession.java:1458)
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.nio.NIOCIFSThreadRequest.runRequest(NIOCIFSThreadRequest.java:105)
ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.server.thread.ThreadRequestPool$ThreadWorker.run(ThreadRequestPool.java:153)
ERROR [org.alfresco.fileserver]    at java.lang.Thread.run(Thread.java:619)

What?!  Error again! (went to pantry and get a coffee)

Troubleshooting:

Checking the iptables rules

# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  —  anywhere             anywhere            tcp dpt:microsoft-ds redir ports 1445
REDIRECT   tcp  —  anywhere             anywhere            tcp dpt:netbios-ssn redir ports 1139
REDIRECT   udp  —  anywhere             anywhere            udp dpt:netbios-ns redir ports 1137
REDIRECT   udp  —  anywhere             anywhere            udp dpt:netbios-dgm redir ports 1138

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Everything seems to be in order.

I will try connecting to the ports from my Linux box.

# smbclient -U andy \\\\<Alfresco.server.IP.Address>\\alfresco -p 1139
Enter andy’s password:
Domain=[<NetBIOS.Domain>] OS=[Java] Server=[Alfresco CIFS Server 5.1.0]
smb: \> ls
.                                   D        0  Tue Jul 13 16:06:10 2010
.                                   D        0  Tue Jul 13 16:06:10 2010
__Alfresco.url                      R      134  Tue Jul 20 15:49:37 2010
Data Dictionary                     D        0  Tue Jul 13 16:06:10 2010
Guest Home                          D        0  Tue Jul 13 16:06:11 2010
User Homes                          D        0  Tue Jul 13 16:06:11 2010
Sites                               D        0  Tue Jul 13 16:06:26 2010
Web Projects                        D        0  Tue Jul 13 16:06:52 2010
Web Deployed                        D        0  Tue Jul 13 16:06:53 2010

40000 blocks of size 2097152. 36000 blocks available
smb: \>

That’s good.  Linux box was able to connect to Alfresco.  Port forwarding is working perfectly.  But not Windows XP.  Why?! (Thinking… sipping coffee)

Wait.  I used port 1139 instead of 139, Windows is using port 139 and not 1139.  I’ll try it again, this time I will connect my Linux box to port 139.

# smbclient -U andy \\\\<Alfresco.server.IP.Address>\\alfresco -p 139
Enter andy’s password:
Connection to <Alfresco.server.IP.Address> failed (Error NT_STATUS_CONNECTION_REFUSED)

BAM!  Error!  NT_STATUS_CONNECTION_REFUSED (Thinking… Pulling my hair)

That means port 139 is closed.  If it’s closed we need to open it.

# iptables -A INPUT -p udp -m state –state NEW –dport 137 -j ACCEPT
# iptables -A INPUT -p udp -m state –state NEW –dport 138 -j ACCEPT
# iptables -A INPUT -p tcp -m state –state NEW –dport 139 -j ACCEPT
# iptables -A INPUT -p tcp -m state –state NEW –dport 445 -j ACCEPT

IPTables above will accept new connection on ports 137, 138, 139 and 445 so that redirection will take effect otherwise, IPTables will drop the connection on the said ports.

Try again.  Test Alfresco from windows xp.

Good!  Good! no error.  I was able to connect.

Let’s try to copy file to Alfresco.

Neat!  Accepting ports in 137, 138, 139 and 445 solved the problem.

Ha! Ha! Ha!

Hope you’ll be happy like me😉

Alfresco with Active Directory

July 18, 2010 12 comments

If you have not read my Basic Alfresco Installation read it now before going here.

We will going to configure Alfresco to authenticate using Active Directory so that our Windows users can use Alfresco.  We will not have any Alfresco account.

Alfresco’s configuration file is alfresco-global.properties, you can find it  in /opt/alfresco/tomcat/shared/classes.  Make sure to backup the original file, in case you mess up with it.

Basic configuration is already defined and we will add our configuration at the bottom of the file.

Authentication Chain will be passthru with ldap

authentication.chain=passthru1:passthru,ldap1:ldap

Passthru configuration.  I don’t want guest users to login into my Alfresco and access my files.

passthru.authentication.sso.enabled=false
passthru.authentication.allowGuestLogin=false

Passthru authentication.  We are not going to use CIFS/Samba and FTP, thus we are going to disable it.

passthru.authentication.authenticateCIFS=false
passthru.authentication.authenticateFTP=false

We have to define the Active Directory server where Alfresco users will be authenticated and define the Administrator account who’s going to configure our Alfresco.

passthru.authentication.servers=<Your.AD.Server.IP.Address>
passthru.authentication.domain=<Netbios Domain>
passthru.authentication.useLocalServer=false
passthru.authentication.defaultAdministratorUserNames=<Your.Active.Directory.Administrator.Account>
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS

Ldap authentication configuration.  I don’t want an LDAP authentication rather I want a passthru authentication

ldap.authentication.active=false
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://<Your.AD.Server.IP.Address>:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false

Ldap Synchronization.  You have to define the user that has an administrative account in your Active Directory.  This account will login to your Active Directory Server to pull all your users.

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=<Netbios Domain>\\<administrator.privilege.account>
ldap.synchronization.java.naming.security.credentials=<administrator.privilege.account.password>
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupDifferentialQuery=(&(objectclass=nogroup)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(& (objectclass=user)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupQuery=(objectclass\=group)

We are going to synchronize all users and groups from your Domain.

ldap.synchronization.groupSearchBase=cn\=users,dc=<company.domain>,dc=com
ldap.synchronization.userSearchBase=cn\=users,dc=<company.domain>,dc=com

Other default ldap synchronization configuration

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss’.0Z’
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=Nogroup
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member

We want to synchronize the changes that we made from our Active Directory

synchronization.synchronizeChangesOnly=true

We are not going to use CIFS/Samba

cifs.enabled=false

Start your Alfresco and monitor your log.

$ cd /opt/alfresco
$ ./alf_start.sh
$ tail -f alfresco.log

Everything seems to be ok.

From your browser, type in your Alfresco server with port 8080

http://<Your.Alfresco.Server.IPAddress&gt;:8080/alfresco

Login using your Active Directory account

while your Alfresco Share is

http://<Your.Alfresco.Server.IPAddress&gt;:8080/share

Next time, I will configure Alfresco with CIFS/Samba.  I read that this is tough to configure.

Wish me luck!