Notes to myself
Well…, it is very strange, that SP uninstall remove English languge ?!
1.If you get :
Exception: Microsoft.SharePoint.SPException: The language is not supported on the server. —> System.Runtime.InteropServices.COMException (0x8102005E): The language is not supported on the server.
you have to reinstall language pack.
2.If you wonder, SP Console caches .NET configuration files ?!
This smart card seems to support only 1024 bit key length and certificates in der format with .cer file extension.
Steps to generate and import keys:
1. generate private key and self signed certificate:
openssl req -x509 -nodes -days 3650 -newkey rsa:1024 -keyout privateKey.key -out certificate.crt
2. convert certificate to der format with cer extension
openssl x509 -outform der -in certificate.crt -out certificate.cer
2a. or optionally pack key and certificate in single file
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt
3. import resulting file/files
LDAP paged size ldap.pagedResultsSize Finally got it working
In order to work you will need to:
There is optional patch that allows retrieving all users (in a single page) in admin interface. It also adds 500 and 1000 results per page.
Note: ldap.pagedResultsSize.patch_ is now applied to svn trunk.
Contents1. Scenario |
The scenario goal is to set up OpenFire with LDAP based authentication against Microsoft (MS) Active Directory (AD).
LDAP is an application protocol. OpenFire will act as a client to a LDAP server – MS AD in our case. We will use AD LDAP for two reasons:
The easiest way to understand LDAP protocol is to imagine that the file browser on your computer is a LDAP server. You have a com directory with a subdirectory named company. The company directory in turn contains a subdirectory named my and so on. Let’s assume that you search for all png files. Depending on your search starting point your results will vary. If you search starts at OUS folder, you probably won’t get any results. In terms of LDAP the search starting point is called base dn and the search criteria is called search filter.
Suppose we have an AD. The domain is called my.company.com, and the FQDN of the domain controller is dc1.my.company.com . There are two groups: salesand it. Both reside in Groups Organizational Unit (OU), which resides in OUS. We also have a Users OU. At the picture below you can see how the AD looks like viewed in Active Directory Users and Computers (at foreground) and viewed by an MS LDAP browser called ADSIEDIT (at background). Please take a look at the Distinguished Name. You can think about it as a full path to an object (a group, a person, etc.) in AD while using LDAP notation. Remember the example above? You can denote cn as a common name, ou as an organizational unit , dc as a domain component.
Configure database settings, then enter necessary information. Please note, that you can use a dedicated user account for OF administrator, no need for AD administrative privileges. Test settings!
In order to achieve best performance you will need to increase default memory used by java VM. In Gentoo linux – go to /etc/conf.d/openfire
and change -Xmx2048m to the desired value.
| /etc/conf.d/openfire |
OPENFIRE_HOME=/opt/openfire
OPENFIRE_LIB="${OPENFIRE_HOME}/lib"
OPENFIRE_OPTS="-Xmx2048m -DopenfireHome=${OPENFIRE_HOME} -Dopenfire.lib.dir=${OPENFIRE_LIB}"
OPENFIRE_CLASS="-classpath ${OPENFIRE_LIB}/startup.jar"
OPENFIRE_JAR="-jar ${OPENFIRE_LIB}/startup.jar"
OPENFIRE_ARGS="-server ${OPENFIRE_OPTS} ${OPENFIRE_CLASS} ${OPENFIRE_JAR}"
#JVM used by the openfire server. You can see a list of available vm's in /usr/lib/jvm/
#But remenber that openfire needs a 1.5 jvm
GENTOO_VM=sun-jdk-1.5
|
You have to monitor your cache performance and most likely you will have to increase cache size. Go to server manager:: Caches summary. Watch for Roster cache size and usage. Some symptoms of inefficient cache size are: slow user connection, users appears offline while connected, messages are delayed, LDAP server experiences heavy traffic. Properties to note:
cache.ldap.size
cache.userCache.size
cache.userGroup.size
cache.username2roster.size
cache.vcardCache.size
I achieve best performance boost with Username2Roster.
If you have a large number of users and frequent logins, you can try to enable authCache:
ldap.authCache.enabled
ldap.authCache.size
Remove all unneeded modules.
ToDo / Note this is a work in progress/:
add links, more tweaks, more search filters.
I want to be able to send messages from an external application via an http request to users. For this reason I ‘merged’ UserService and Subscription plugins. With this modification userService can send messages to users. All you need to do is to build a correct http request in your application.
New parameters added:
| sender | sender of the message | OF version |
| recipient | recipient of the message | 3.6+ |
| subject | subject of the message | 3.6+ |
| msg | body (text) of the message | 3.6+ |
| username | a valid username | 3.7+ |
Example query 3.6+ :
Example query 3.7+ :
All parameters can be sent via HTTP POST or GET methods in a single query. For example the sender, the recipient and the subject parameters use http GET, while the msg parameter uses http POST method.
Note: In order to send big (more than ~2k) messages you need to use POST method for the msg parameter. You need to urlencode() some or all the values!
userService_OF3.6.0_20080519_0
userService_OF3.7.0b_20100415_0
An example usage is an intranet web application that sends message to a user when someone opens a link. A simple PHP example:
| Simple PHP example |
|