src/overview.html - plexi/ad - Git at Google

 <body>
 <h3 id="adadaptor">Deployment of Active Directory Adaptor</h3>

 <p>A single instance of Active Directory adaptor can acquire
 and resolve groups from multiple Active Directory servers.

 <h4>Requirements</h4>
 <ul>
   <li>GSA 7.2 or higher
   <li>Java JRE 1.6u27 or higher installed on computer that runs adaptor
   <li>Active Directory Adaptor JAR executable
   <li>Credentials for Active Directory servers to be read
 </ul>

 <h4>Configure GSA for Adaptor</h4>
 <ol>
   <li>Add the IP address of the computer that hosts the adaptor to the <b>List
     of Trusted IP Addresses</b> on the GSA.
     <p>In the GSA's Admin Console, go to <b>Content Sources &gt; Feeds</b>,
     and scroll down to <b>List of Trusted IP Addresses</b>. Add the IP address
     for the adaptor to the list.
 </ol>

 <h4>Configure Adaptor</h4>
 <ol>
   <li>Create a file named <code>adaptor-config.properties</code> in the
   directory that contains the adaptor binary. The configuration can
   be for multiple AD servers. The variable <code>ad.servers</code>
   contains a list of server identifiers.
   <p>
   Here is an example configuration (bold items are example values to be
   replaced):
 <pre>
 gsa.hostname=<b>yourgsa.example.com</b>
 ad.domain=<b>example.com</b>
 ad.defaultUser=<b>Admin</b>
 ad.defaultPassword=<b>PassW0RD</b>
 ad.servers=<b>firstServer,anotherAdServer</b>
 ad.servers.firstServer.host=<b>111.111.111.111</b>
 ad.servers.firstServer.method=standard
 ad.servers.firstServer.port=389
 ad.servers.firstServer.user=<b>EXAMPLE\\Administrator</b>
 ad.servers.firstServer.password=<b>yourpassword</b>
 ad.servers.anotherAdServer.host=<b>222.222.222.222</b>
 ad.servers.anotherAdServer.method=standard
 ad.servers.anotherAdServer.port=389
 </pre>
   <p>
   Notice: <code>ad.defaultUser</code> can be overriden by providing particular
   <code>user</code> for a particular server.<br>
   Notice: <code>ad.defaultPassword</code> can be overriden by providing particular
   <code>password</code> for a particular server.<br>

   <li> Create file named <code>logging.properties</code> in the same directory
   that contains adaptor binary:
   <pre>
 .level=INFO
 handlers=java.util.logging.FileHandler,java.util.logging.ConsoleHandler
 java.util.logging.FileHandler.formatter=com.google.enterprise.adaptor.CustomFormatter
 java.util.logging.FileHandler.pattern=logs/adaptor.%g.log
 java.util.logging.FileHandler.limit=10485760
 java.util.logging.FileHandler.count=20
 java.util.logging.ConsoleHandler.formatter=com.google.enterprise.adaptor.CustomFormatter
 </pre>

   <li><p>Create a directory named <code>logs</code> in the same
     directory that contains logging.properties.

   <li><p>Run the adaptor using:
   <pre>java -Djava.util.logging.config.file=logging.properties -jar adaptor-ad-YYYYMMDD-withlib.jar</pre>
 </ol>

 <h4>Running as a service</h4>
   <p>Example service creation on Windows with prunsrv:
   <pre>prunsrv install adaptor-ad --StartPath="%CD%" ^
   --Classpath=adaptor-ad-YYYYMMDD-withlib.jar ^
   --StartMode=jvm --StartClass=com.google.enterprise.adaptor.Daemon ^
   --StartMethod=serviceStart --StartParams=com.google.enterprise.adaptor.ad.AdAdaptor
   --StopMode=jvm --StopClass=com.google.enterprise.adaptor.Daemon ^
   --StopMethod=serviceStop --StdOutput=stdout.log --StdError=stderr.log ^
   ++JvmOptions=-Djava.util.logging.config.file=logging.properties</pre>

   <p>Example execution on Linux with jsvc:
   <pre>jsvc -pidfile adaptor.pid -cp adaptor-ad-YYYYMMDD-withlib.jar com.google.enterprise.adaptor.Daemon com.google.enterprise.adaptor.ad.AdAdaptor</pre>

 <h4>Optional <code>adaptor-config.properties</code> fields</h4>
 <dl>

   <dt>
   <code>server.dashboardPort</code>
   </dt>
   <dd>
   Port on which to view web page showing information and diagnostics. Defaults to "5679".
   </dd>

   <dt>
   <code>ad.localized.Everyone</code>
   </dt>
   <dd>
   Name of Everyone group. Defaults to "Everyone".
   </dd>

   <dt>
   <code>ad.localized.NTAuthority</code>
   </dt>
   <dd>
   Name of NT Authority group. Defaults to "NT Authority".
   </dd>

   <dt>
   <code>ad.localized.Interactive</code>
   </dt>
   <dd>
   Name of Interactive group. Defaults to "Interactive".
   </dd>

   <dt>
   <code>ad.localized.AuthenticatedUsers</code>
   </dt>
   <dd>
   Name of Authenticated Users group. Defaults to "Authenticated Users".
   </dd>

   <dt>
   <code>ad.localized.Builtin</code>
   </dt>
   <dd>
   Prefix for builtin group names. Defaults to "BUILTIN".
   </dd>

   <dt>
   <code>ad.feedBuiltinGroups</code>
   </dt>
   <dd>
   Whether to feed in builtin groups. Defaults to false.
   </dd>

   <dt>
   <code>adaptor.namespace</code>
   </dt>
   <dd>
   Namespace to use on ACLs sent to GSA.  Defaults to "Default".
   </dd>

 </dl>

 </body>
	<body>
	<h3 id="adadaptor">Deployment of Active Directory Adaptor</h3>

	<p>A single instance of Active Directory adaptor can acquire
	and resolve groups from multiple Active Directory servers.

	<h4>Requirements</h4>
	<ul>
	<li>GSA 7.2 or higher
	<li>Java JRE 1.6u27 or higher installed on computer that runs adaptor
	<li>Active Directory Adaptor JAR executable
	<li>Credentials for Active Directory servers to be read
	</ul>

	<h4>Configure GSA for Adaptor</h4>
	<ol>
	<li>Add the IP address of the computer that hosts the adaptor to the <b>List
	of Trusted IP Addresses</b> on the GSA.
	<p>In the GSA's Admin Console, go to <b>Content Sources > Feeds</b>,
	and scroll down to <b>List of Trusted IP Addresses</b>. Add the IP address
	for the adaptor to the list.
	</ol>

	<h4>Configure Adaptor</h4>
	<ol>
	<li>Create a file named <code>adaptor-config.properties</code> in the
	directory that contains the adaptor binary. The configuration can
	be for multiple AD servers. The variable <code>ad.servers</code>
	contains a list of server identifiers.
	<p>
	Here is an example configuration (bold items are example values to be
	replaced):
	<pre>
	gsa.hostname=<b>yourgsa.example.com</b>
	ad.domain=<b>example.com</b>
	ad.defaultUser=<b>Admin</b>
	ad.defaultPassword=<b>PassW0RD</b>
	ad.servers=<b>firstServer,anotherAdServer</b>
	ad.servers.firstServer.host=<b>111.111.111.111</b>
	ad.servers.firstServer.method=standard
	ad.servers.firstServer.port=389
	ad.servers.firstServer.user=<b>EXAMPLE\\Administrator</b>
	ad.servers.firstServer.password=<b>yourpassword</b>
	ad.servers.anotherAdServer.host=<b>222.222.222.222</b>
	ad.servers.anotherAdServer.method=standard
	ad.servers.anotherAdServer.port=389
	</pre>
	<p>
	Notice: <code>ad.defaultUser</code> can be overriden by providing particular
	<code>user</code> for a particular server.<br>
	Notice: <code>ad.defaultPassword</code> can be overriden by providing particular
	<code>password</code> for a particular server.<br>

	<li> Create file named <code>logging.properties</code> in the same directory
	that contains adaptor binary:
	<pre>
	.level=INFO
	handlers=java.util.logging.FileHandler,java.util.logging.ConsoleHandler
	java.util.logging.FileHandler.formatter=com.google.enterprise.adaptor.CustomFormatter
	java.util.logging.FileHandler.pattern=logs/adaptor.%g.log
	java.util.logging.FileHandler.limit=10485760
	java.util.logging.FileHandler.count=20
	java.util.logging.ConsoleHandler.formatter=com.google.enterprise.adaptor.CustomFormatter
	</pre>

	<li><p>Create a directory named <code>logs</code> in the same
	directory that contains logging.properties.

	<li><p>Run the adaptor using:
	<pre>java -Djava.util.logging.config.file=logging.properties -jar adaptor-ad-YYYYMMDD-withlib.jar</pre>
	</ol>

	<h4>Running as a service</h4>
	<p>Example service creation on Windows with prunsrv:
	<pre>prunsrv install adaptor-ad --StartPath="%CD%" ^
	--Classpath=adaptor-ad-YYYYMMDD-withlib.jar ^
	--StartMode=jvm --StartClass=com.google.enterprise.adaptor.Daemon ^
	--StartMethod=serviceStart --StartParams=com.google.enterprise.adaptor.ad.AdAdaptor
	--StopMode=jvm --StopClass=com.google.enterprise.adaptor.Daemon ^
	--StopMethod=serviceStop --StdOutput=stdout.log --StdError=stderr.log ^
	++JvmOptions=-Djava.util.logging.config.file=logging.properties</pre>

	<p>Example execution on Linux with jsvc:
	<pre>jsvc -pidfile adaptor.pid -cp adaptor-ad-YYYYMMDD-withlib.jar com.google.enterprise.adaptor.Daemon com.google.enterprise.adaptor.ad.AdAdaptor</pre>

	<h4>Optional <code>adaptor-config.properties</code> fields</h4>
	<dl>

	<dt>
	<code>server.dashboardPort</code>
	</dt>
	<dd>
	Port on which to view web page showing information and diagnostics. Defaults to "5679".
	</dd>

	<dt>
	<code>ad.localized.Everyone</code>
	</dt>
	<dd>
	Name of Everyone group. Defaults to "Everyone".
	</dd>

	<dt>
	<code>ad.localized.NTAuthority</code>
	</dt>
	<dd>
	Name of NT Authority group. Defaults to "NT Authority".
	</dd>

	<dt>
	<code>ad.localized.Interactive</code>
	</dt>
	<dd>
	Name of Interactive group. Defaults to "Interactive".
	</dd>

	<dt>
	<code>ad.localized.AuthenticatedUsers</code>
	</dt>
	<dd>
	Name of Authenticated Users group. Defaults to "Authenticated Users".
	</dd>

	<dt>
	<code>ad.localized.Builtin</code>
	</dt>
	<dd>
	Prefix for builtin group names. Defaults to "BUILTIN".
	</dd>

	<dt>
	<code>ad.feedBuiltinGroups</code>
	</dt>
	<dd>
	Whether to feed in builtin groups. Defaults to false.
	</dd>

	<dt>
	<code>adaptor.namespace</code>
	</dt>
	<dd>
	Namespace to use on ACLs sent to GSA. Defaults to "Default".
	</dd>

	</dl>

	</body>