diff --git a/doc/README.Ldap b/doc/README.Ldap new file mode 100644 index 000000000..7940ca091 --- /dev/null +++ b/doc/README.Ldap @@ -0,0 +1,58 @@ +Ldap configuration +=================== + +The configuration for authentication against an ldap server needs to be done +the settings.xml file using a text editor. It cannot be edited from within the +web gui. + +SeedDMS supports ldap authentication using an Active Directory (AD) or a +regular ldap server, e.g. openldap + +The location of the ldap server is specified in two parameters: 'host' and +'port'. 'host' can be either a plain hostname or an ldap URI, including the +protocol, the host and optionally the port, e.g. ldap://localhost:389. In case +of an URI the port in the configuration must remain empty. + +The authentication itself is a two step process which differs, depending on how +to bind to the server. If the configuration sets 'bindDN' and 'bindPW', those +values will be used for a initial non anonymous bind to the ldap server +otherwise an anonymous bind is executed. + +After the initial bind, a ldap search for either 'uid=' (ldap) or +'sAMAccountName=' (AD) below basedn is done. The purpose of this +search is to retrieve a working bindDN which is then used to actually +authenticate the user. In case of an anonymous first bind the search will +likely fail and the bindDN for the second bind will be either +'uid=,' (ldap) or '@' (AD). If +the search succeeds the bindDN will be taken from the user's data in the ldap +server. This bindDN will be used for a second bind using the users password. +If the second bind succeeds the user could be successfully authenticated. + +The data from the ldap server can be used to create an account in SeedDMS +if the user trying to login does not exist yet, but was able to authenticate. +This will only be done if 'authentication->restricted' in the configuration +is set to true. In that case the common name (cn) and email address is taken +from ldap. Existing accounts in SeedDMS will not be updated with data from +ldap. + +Examples +--------- + +Anonymous bind to openldap on localhost, port 389 +- type = "ldap" +- baseDN = "ou=users,dc=mycompany,dc=de" +- host = "ldap://localhost" + +During authentication as user 'admin' the following steps are executed + +1. connect to ldap server at localhost:389 +2. do an anonymous bind +3. search for 'uid=admin' below basedn +4.1. if search succeeds use the dn from the user +4.2. if search fails use 'uid=admin,' as dn +5. do a non anonymous bind with dn and password entered by user +6. if step 5. succeeds the use is authenticated + +If bindDN and bindPW are specified in the configuration, the second step +will be a non anonymous bind. + diff --git a/doc/README.Mail b/doc/README.Mail new file mode 100644 index 000000000..2ee7c999d --- /dev/null +++ b/doc/README.Mail @@ -0,0 +1,30 @@ +Mail configuration +=================== + +SeedDMS uses email to + +* notify users about changes of documents and folders +* send instructions during the password forgotten process + +Configuring email in SeedDMS is simple on systems running a +local mail server, because this is the default in SeedDMS and +no additional configuration is needed. On Linux you should +consider running a local mail server, which relais the mails +to your outgoing mail server. If you cannot run a local mail +server, you can still configure SeedDMS to use an outgoing +SMTP server. Below are some examples on how to configure +SeedDMS for different hosters. + +1&1 +--------- + +smtp server: ssl://smtp.1und1.de +smtp port: 465 + +Gmail +--------- +smtp server: smtp.gmail.com +smtp port: 587 +note: you have to turn on 'Less secure app access' in your google account, +otherwise you will not be able to send mail. It will quit with an error +complaining about wrong credentials diff --git a/doc/README.ocr b/doc/README.ocr new file mode 100644 index 000000000..aaf6a9196 --- /dev/null +++ b/doc/README.ocr @@ -0,0 +1,59 @@ +OCR +==== + +SeedDMS itself has no support for optical character recognition (OCR) +because it does not care about the content of file. Though, external +OCR software can be used to convert an image into text and index it +by the full text search engine. + +The following script can be use to convert a scanned image into pdf +with a text layer added. The script actually takes this file to +ran it through pdftotext. It was published in the seeddms forum +https://sourceforge.net/p/seeddms/discussion/general/thread/4ec5973d/ + + +#!/bin/bash +inputpdf=$1 +temp_folder=/tmp/seedinput/$(date +"%Y_%m_%d_%H%M%S")/ +lockfile=/tmp/seed +protokolldatei=./tesser_syslog +cores=2 + +mkdir -p $lockfile + +while [ -e "$lockfile"/"`basename $0`" ]; +do + sleep 5 +done + +if ( set -o noclobber; echo "locked" > "$lockfile"/"`basename $0`"); then + +trap 'rm -f "$lockfile"/"`basename $0`"; echo $(date) " Lockdatei wird geloescht: " $lockfile"/"`basename $0` Aufrufparameter: $* >> $protokolldatei ;rm -r $temp_folder; exit $?' INT TERM KILL EXIT + #das Datum mit dem Scriptnamen in die Protokolldatei schreiben + echo $(date) " Lockdatei erstellt: " $lockfile"/"`basename $0` >> $protokolldatei + +else + #Script beenden falls Lockdatei nicht erstellt werden konnte + echo $(date) " Programm wird beendet, Lockdatei konnte nicht erstellt werden: $lockfile"/"`basename $0` Aufrufparameter: $* " >> $protokolldatei + exit 1 +fi + +mkdir -p $temp_folder + +$(pdftotext -raw $1 - 1> $temp_folder''tmp.txt ) +pdf_contents=`cat $temp_folder''tmp.txt` +pdf_contents=`echo "$pdf_contents" | tr -dc '[:print:]'` +if [ -z "$pdf_contents" ]; then + convert -density 300 -quality 95 $inputpdf +adjoin $temp_folder''image%03d.jpg + find $temp_folder -name '*.jpg'| parallel --gnu -j $cores tesseract -l deu --psm 6 {} {} pdf + +num=`find $temp_folder -name '*.pdf'| wc -l` +if [ "$num" -gt "1" ]; then + pdfunite $temp_folder*.pdf $temp_folder''tmp.pdf +else + mv $temp_folder*.pdf $temp_folder''tmp.pdf +fi + pdftotext $temp_folder''tmp.pdf $temp_folder''tmp.txt + mv $temp_folder''tmp.pdf $1 +fi +cat $temp_folder''tmp.txt diff --git a/views/bootstrap/class.Settings.php b/views/bootstrap/class.Settings.php index 9d790048e..851aa7ca9 100644 --- a/views/bootstrap/class.Settings.php +++ b/views/bootstrap/class.Settings.php @@ -176,9 +176,9 @@ class SeedDMS_View_Settings extends SeedDMS_Theme_Style { - - $value) { $optval = trim($isass ? $i : $value); @@ -588,7 +588,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) case 'select': if(!empty($conf['options'])) { $selections = empty($settings->_extensions[$extname][$confkey]) ? array() : explode(",", $settings->_extensions[$extname][$confkey]); - echo ""; foreach($conf['options'] as $key=>$opt) { echo ""; foreach($categories as $category) { @@ -618,7 +618,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) case "users": $users = $dms->getAllUsers(); if($users) { - echo ""; if($allowempty) echo ""; foreach($users as $curuser) { @@ -633,7 +633,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) case "groups": $recs = $dms->getAllGroups(); if($recs) { - echo ""; if($allowempty) echo ""; foreach($recs as $rec) { @@ -650,7 +650,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) $attrtype = empty($conf['attrtype']) ? 0 : $conf['attrtype']; $recs = $dms->getAllAttributeDefinitions($objtype, $attrtype); if($recs) { - echo ""; if($allowempty) echo ""; foreach($recs as $rec) { @@ -667,7 +667,7 @@ if(($kkk = $this->callHook('getFullSearchEngine')) && is_array($kkk)) case "workflows": $recs = $dms->getAllWorkflows(); if($recs) { - echo ""; if($allowempty) echo ""; foreach($recs as $rec) {