Info: Performing the steps described in this article requires direct server access. Depending upon how your system is hosted and the level of access you have to that system, coordination may be required with your Partner or WoodWing Support team. For a full overview of the steps that need to be done by WoodWing and how to request them, see WoodWing Cloud - Change management.
To ease the process of managing and upgrading Studio Server installations, Studio Server can be configured by using just a single configuration file.
This is done by defining any setting that you want to change from any configuration file in Studio Server to this file. These settings are then used to overrule their corresponding values in the default configuration files.
This has the following advantages:
- Easy management: configuration is done from a single file in a central location instead of configuring separate files in multiple locations.
- Easy upgrading: the single configuration file can be simply migrated to any new installation and saves you from having to update the default versions of these files by comparing the new version with the old version.
Requirements
To make this feature work, the option in the source configuration file needs to be defined as follows:
if( !defined('<SETTING_NAME>') ) {
<option with default value>
}
This should be read as "when the option is not defined in the single configuration file, use the following definition" (or: "if not defined, then define as follows").
Example:
|
Note: Any default configuration file in Studio Server and higher is provided this way. Configuration files for any custom Studio Server plug-ins may need adjusting.
Configuring the single configuration file
Step 1. (Optional, only required the first time the file is implemented) Rename the following file:
<Studio Server path>/config/config_overrule.php.default
to:
<Studio Server path>/config/config_overrule.php
Step 2. Add any setting to the config_overrule.php file.
Tip: Group together settings that are taken from the same configuration file to easily keep track from which file they are taken.
Notes: Make sure to also include the following (above the added define statement):
|
Example 1
Here, the default INETROOT setting is overruled:
Setting in the confg.php file:
if( !defined('INETROOT') ) {
define( 'INETROOT', '/StudioServer' );
}
Setting in the overrule_config.php file:
// - - - - config.php file - - - -
define( 'INETROOT', '/StudioMaster' );
Example 2
Example 2: Here, LDAP is overruled.
Note that apart from the LDAP setting itself (LDAP_SERVERS), the class needed to enable it (LDAP.server.class.php) as well as the option that the setting refers to ($ldap_options) are also added to the config_overrule.php file:
Setting in the confg.php file:
require_once BASEDIR.'/server/dataclasses/LDAPServer.class.php';
$ldap_options = array(
'AUTH_USER' => '%username%@myldap.mycompany.local', // %username% will be replaced by entered username
'AUTH_PASSWORD' => '%password%', // %password% will be replaced by entered password
'BASE_DN' => 'DC=myldap,DC=mycompany,DC=local', // Search Base e.g. 'dc=myldap,dc=mycompany,dc=local'
'USERNAME_ATTRIB' => 'sAMAccountName', // LDAP attribute that will be matched against entered username
'GROUPMEMBER_ATTRIB' => 'memberof', // LDAP attribute that will be used to find usergroups, null if you manage groups in Studio Server
// Map Studio Server attributes to LDAP attributes. Only Ent att. 'FullName', 'EmailAddress',
// 'Language', 'TrackChangesColor', 'Organization', 'Location' are allowed.
// The FullName can be made up from more than one LDAP attribute.
// LDAP attributes are always lowercase.
'ATTRIB_MAP' => array(
'FullName' => array( 'name' ),
'EmailAddress' => 'mail'),
'FULLNAME_SEPARATOR' => ', ', // Used when the FullName is made up from two (or more) LDAP attributes
'GROUP_CLASS' => 'group', // LDAP objectClass for groups (e.g. 'group', 'posixGroup')
'EXCLUDE_USERNAMES' => array('woodwing'), // Usernames to exclude from LDAP authentication, wildcards (*, ?) can be used
'EMAIL_NOTIFICATIONS' => true // Whether or not the email notification options should be enabled for new users imported from LDAP
);
// The port number is mandatory in case an IP-address is used. It will be ignored when an URL is used.
if( !defined('LDAP_SERVERS') ) {
define( 'LDAP_SERVERS', serialize( array(
// LDAPServer( LDAP server IP, port number, Primary DNS Suffix, Options: see above )
new LDAPServer( 'myldap_server', 389, 'myldap.mycompany.local', $ldap_options )
)));
}
Setting in the overrule_config.php file:
require_once BASEDIR.'/server/dataclasses/LDAPServer.class.php';
$ldap_options = array(
'AUTH_USER' => '%username%@myldap.mycompany.local', // %username% will be replaced by entered username
'AUTH_PASSWORD' => '%password%', // %password% will be replaced by entered password
'BASE_DN' => 'DC=myldap,DC=mycompany,DC=local', // Search Base e.g. 'dc=myldap,dc=mycompany,dc=local'
'USERNAME_ATTRIB' => 'sAMAccountName', // LDAP attribute that will be matched against entered username
'GROUPMEMBER_ATTRIB' => 'memberof', // LDAP attribute that will be used to find usergroups, null if you manage groups in Studio Server
// Map Studio Server attributes to LDAP attributes. Only Ent att. 'FullName', 'EmailAddress',
// 'Language', 'TrackChangesColor', 'Organization', 'Location' are allowed.
// The FullName can be made up from more than one LDAP attribute.
// LDAP attributes are always lowercase.
'ATTRIB_MAP' => array(
'FullName' => array( 'name' ),
'EmailAddress' => 'mail'),
'FULLNAME_SEPARATOR' => ', ', // Used when the FullName is made up from two (or more) LDAP attributes
'GROUP_CLASS' => 'group', // LDAP objectClass for groups (e.g. 'group', 'posixGroup')
'EXCLUDE_USERNAMES' => array('woodwing'), // Usernames to exclude from LDAP authentication, wildcards (*, ?) can be used
'EMAIL_NOTIFICATIONS' => true // Whether or not the email notification options should be enabled for new users imported from LDAP
);
define( 'LDAP_SERVERS', serialize( array(
// LDAPServer( LDAP server IP, port number, Primary DNS Suffix, Options: see above )
new LDAPServer( 'myldap_server', 389, 'myldap.mycompany.local', $ldap_options )
)));
}
Comment
Do you have corrections or additional information about this article? Leave a comment! Do you have a question about what is described in this article? Please contact Support.
0 comments
Please sign in to leave a comment.