we'd like to log user activities in Nexus like:
user log in
user log out
artifact downloaded by user
artifact uploaded by user
How should the loggers be configured in Nexus to be able to achieve it?
If you're on a reasonably recent version of Nexus check the sonatype-work/nexus/logs/request.log, the user ID associated with all requests is printed in the third column.
Related
Windows server 2016.
Old users (those, having profiles/folders created at "C:\Users") are able to remote into our server via RDP, but new users are not. Initially the error was The User Profile Service service failed the sign-in. User profile cannot be laoded.
Checking server, it seems "C:\Users\Default" has the only folder/entry "AppData", nothing more. I copied the file "NTUSER.DAT" from similar server "Default" folder. Also, folder permissions are identical.
Now new users are able to login, but it goes to a temporary profile and of course, user's profile at "C:\Users" does not get created.
Event logs does not tell much, basically just confirms login errors/notes we get:
Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
How this can be solved?
Open the registry editor and go to HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList then find the key where the ProfileImagePath is the profile location of the user that's not being created. Export, then delete that registry key.
I use Firebase Remote configuration to control my app features per user segment and so I apply conditions on remote configuration parameter based on some user properties.
The issue is that some of these user properties could be changed when the app user make some actions that change his/her segment (like user was free user and becomes a paid users) and in this case, Remote configuration doesn't fetch the new values so the user sees wrong data in the current app session (sees data related to his previous segment not the new one) and will not see the right data until he/she closes the app and opens it again.
-Are there any solution to force Remote Configuration to update the cached value?
-Is it right to use Remote Configuration in these case or we have to move to another solution like RTDB?
You can trigger Firebase reload by sending silent FCM message either to devices with specific property value or to all devices. Naturally you need to implement handling for the notification and reload triggering. This page describes the implementation very well.
I have inherited administration of a Nexus server and am trying to understand user management. There are a number of users that are in the default realm and some in the LDAP realm, and I would like to delete users in both realms.
I've been able to disable and remove all roles except for one for users in the default realm (mandatory that it has at least one role associated with it) and all non-LDAP roles for those in the LDAP realm.
What I can't figure out is how to delete users. Is this even possible?
We are on Nexus 2.11.4
You need to be logged in as admin, or another user which has the necessary rights and navigate to Security / Users.
For more details, check the Sonatype book on Nexus here.
I have a requirement where, users (with company username and password) should be available in CQ. We have configured LDAP to authenticate the user on the CQ instance based on his company username and password. But, currently, what is happening is, by default, that user is not present in the list of users we see in CQ. Only after he logs in to CQ instance for the first time, his user profile is getting added to the list of users. Is there a way to create/import all the list of users that we have in the company into CQ without asking them to login??? Basically, I should be able to see all the list of users that we have in the company without asking them to login to the CQ instance. Which means, we should be able to import them.
Or, is the scenario above is invalid, since users are being added as and when we login to the CQ instance. I am a bit unclear about this scenario, so any help is appreciated
CQ provides different ways to achieve this,
Manual synchronization of users using felix console.
Using CURL
Creating JMX client that uses LDAP MBean
I am putting the first way to achieve this, you may refer to the link for the detailed answer:
Manual synchronization of users using felix console.
Open the felix jmx console and log in as admin at http://:/system/console/jmx
Click on domain com.adobe.granite.ldap and it displays list of
attributes and operations that can be performed.
Click on operations and pops up with small window to supply parameter
(if required). Ex:- syncUser operation, supply the DN of the single
user (cn=user001,ou=users,dc=day,dc=com) to be synchronized
Click Invoke to transfer appropriate details from the ldap directory
server to CRX.
After referring so many forums, I am able to authenticate and sync active directory users to alfresco. The problem is we have more than 25,000 users and rite now we are planning to open alfresco only for selected users. Whenever someone search people they will be finding all the 25,000 users who are not even using alfresco. My It team is not willing to create seperate group for these selected members. Is it possible to sync only users who are logged in.
I am using alfresco 4.2e Binary Installation. Windows 7 64 bit.
The most easiest way would be to distinct users to sync via LDAP query.
You could find this link useful.
This scenario should do it:
enable ldap authentication
configure the authenication chain to include Alfresco and LDAP. This will ensure to try to authenticat against both systems. e.g.
authentication.chain=alfrescoNtlm1:alfrescoNtlm,ldap-ad1:ldap-ad
disable sync
# This flag enables use of this LDAP subsystem for user and group
# synchronization. It may be that this subsytem should only be used for
# authentication, in which case this flag should be set to false.
ldap.synchronization.active=false
If you start Alfresco the very first time there is no user in Alfresco. Depending on your strategy how to control the user creatioin you could ether:
create user manual
If you're running on linux the easiest way would be to use the alfresco-shell-tools otherwise you could use the csv-import feature in the user admin. The trick is to use the same username so Alfresco will try to authenticat against both systems before it fails.
create user on first login
Another way is to enable implicit user creation on first login. This isn't my recommendation since you will get trouble later because the user has no email address configured / no user info is synced. (This way is not tested - if this doesn't work you may define a sync query which doesn't return users to enable sync)
synchronization.autoCreatePeopleOnLogin=true
you will get the auto-creation of people who were successfully authenticated but weren't brought in by the sync
you need to add/change this line also on ldap-authentication.properties :
ldap.authentication.active=true
ldap.synchronization.active=false
ldap.synchronization.autoCreatePeopleOnLogin=false
synchronization.syncOnStartup=false
synchronization.syncWhenMissingPeopleLogIn=false
and add on alfresco-global.properties :
create.missing.people=false