Hi all,
I'm trying to install Alfresco 3.4.d on a Windows server 2008 R2 machine, to use SSO and CIFS… without success.
Of course, I'm able to log in via Web client (http://localhost:8080/alfresco/faces/jsp/login.jsp), Share, FTP, WebDAv BUT it is impossible to use CIFS and SSO.
I used the below steps - please, someone can help me ?
Thank you in advance !
Ivano C.
1) I'm using Alfresco community 3.4.d on Windows server 2008 R2 64 bit
2) Alfresco's shared properties:
#
# The default authentication chain
#————-
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1
assthru
#
alfresco.authentication.allowGuestLogin=false
alfresco.authentication.authenticateCIFS=false
#
passthru.authentication.domain=INTRANET
passthru.authentication.defaultAdministratorUserNames=administrator
#
# CIFS
#————-
cifs.enabled=true
cifs.serverName=DOC2
cifs.domain=INTRANET
cifs.hostannounce=true
cifs.urlfile.prefix=http://doc2.<myinternetdomain>:8080/alfresco/
NOTE: The above is a configuration copied from a Windows XP Pro 32 bit machine, where I can use SSO and CIFS very well !
3) On the Windows server 2008 R2 64 bit computer, I done the below steps:
3.1) I disabled the native SMB adding the registry key "SMBDeviceEnabled"=dword:00000000 within [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters].
Value name: SMBDeviceEnabled
Value type: REG_DWORD
0 = disabled
3.2) In Windows Firewall with Advanced Security application, clicked on the Inbound Rules item in the left hand column…
Scroll down to the File and Printer Sharing rules.
I enabled the following rules: File And Printer Sharing (NB-Datagram-In), File And Printer Sharing (NB-Name-In) and File And Printer Sharing (NB-Session-In).
I disabled the File And Printer Sharing (SMB-In) rule.
I left as is the other File And Printer Sharing (…) rules
4) In Windows registry added the below REG_DWORD key in the sub tree [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters]
Add a new REG_DWORD key with the name of Smb2
Value name: Smb2
Value type: REG_DWORD
0 = to disabled SMB 2.0
5) In the following registry [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters]
Double clicked the value "TransportBindName" and deleted the default value, thus giving it a blank value.
6) I rebooted the computer.
RESULTS
=======
After rebooting, I opened a command prompt and typed "netstat -an"
On port 0.0.0.0 and [::] there is still the process listening on TCP port 445:
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
Moreover, if I try to do the command "net use O: \\doc2\Alfresco", I obtain the below:
System error 67
Impossible to find the network name
The above, either from local machine and from other machines on the LAN.
So, I restored the option "TransportBindName" to the value "\Device\" and rebooted the computer.
Now, i can reach the SMB server but it is impossible to login via CIFS - I tryed from the local machine and from other machines on the LAN.
In the Tomcat log I get the below error:
10:33:02,608 ERROR [smb.protocol.auth] org.alfresco.jlan.smb.SMBException: Logon failure
I opened a command prompt and typed "netstat -an" - the 445 port is still listening:
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
The process is NOT listening on 127.0.0.1 and 192.168.1.21 IP address, the last is the real IP address of the computer.
TCP 127.0.0.1: (no 445)
TCP 192.168.1.21: (no 445)
The below is the state of the UDP protocols:
UDP 0.0.0.0:123 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:55296 *:*
UDP 0.0.0.0:63277 *:*
UDP 127.0.0.1:52700 *:*
UDP 127.0.0.1:52702 *:*
UDP 127.0.0.1:65272 *:*
UDP 192.168.1.21:137 *:*
UDP 192.168.1.21:138 *:*
UDP [::]:123 *:*
UDP [::]:500 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:4500 *:*
UDP [::]:5355 *:*
UDP [::]:55296 *:*
UDP [::]:63278 *:*
I'm trying to install Alfresco 3.4.d on a Windows server 2008 R2 machine, to use SSO and CIFS… without success.
Of course, I'm able to log in via Web client (http://localhost:8080/alfresco/faces/jsp/login.jsp), Share, FTP, WebDAv BUT it is impossible to use CIFS and SSO.
I used the below steps - please, someone can help me ?
Thank you in advance !
Ivano C.
1) I'm using Alfresco community 3.4.d on Windows server 2008 R2 64 bit
2) Alfresco's shared properties:
#
# The default authentication chain
#————-
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1
assthru#
alfresco.authentication.allowGuestLogin=false
alfresco.authentication.authenticateCIFS=false
#
passthru.authentication.domain=INTRANET
passthru.authentication.defaultAdministratorUserNames=administrator
#
# CIFS
#————-
cifs.enabled=true
cifs.serverName=DOC2
cifs.domain=INTRANET
cifs.hostannounce=true
cifs.urlfile.prefix=http://doc2.<myinternetdomain>:8080/alfresco/
NOTE: The above is a configuration copied from a Windows XP Pro 32 bit machine, where I can use SSO and CIFS very well !
3) On the Windows server 2008 R2 64 bit computer, I done the below steps:
3.1) I disabled the native SMB adding the registry key "SMBDeviceEnabled"=dword:00000000 within [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters].
Value name: SMBDeviceEnabled
Value type: REG_DWORD
0 = disabled
3.2) In Windows Firewall with Advanced Security application, clicked on the Inbound Rules item in the left hand column…
Scroll down to the File and Printer Sharing rules.
I enabled the following rules: File And Printer Sharing (NB-Datagram-In), File And Printer Sharing (NB-Name-In) and File And Printer Sharing (NB-Session-In).
I disabled the File And Printer Sharing (SMB-In) rule.
I left as is the other File And Printer Sharing (…) rules
4) In Windows registry added the below REG_DWORD key in the sub tree [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters]
Add a new REG_DWORD key with the name of Smb2
Value name: Smb2
Value type: REG_DWORD
0 = to disabled SMB 2.0
5) In the following registry [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters]
Double clicked the value "TransportBindName" and deleted the default value, thus giving it a blank value.
6) I rebooted the computer.
RESULTS
=======
After rebooting, I opened a command prompt and typed "netstat -an"
On port 0.0.0.0 and [::] there is still the process listening on TCP port 445:
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
Moreover, if I try to do the command "net use O: \\doc2\Alfresco", I obtain the below:
System error 67
Impossible to find the network name
The above, either from local machine and from other machines on the LAN.
So, I restored the option "TransportBindName" to the value "\Device\" and rebooted the computer.
Now, i can reach the SMB server but it is impossible to login via CIFS - I tryed from the local machine and from other machines on the LAN.
In the Tomcat log I get the below error:
10:33:02,608 ERROR [smb.protocol.auth] org.alfresco.jlan.smb.SMBException: Logon failure
I opened a command prompt and typed "netstat -an" - the 445 port is still listening:
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP [::]:445 [::]:0 LISTENING
The process is NOT listening on 127.0.0.1 and 192.168.1.21 IP address, the last is the real IP address of the computer.
TCP 127.0.0.1: (no 445)
TCP 192.168.1.21: (no 445)
The below is the state of the UDP protocols:
UDP 0.0.0.0:123 *:*
UDP 0.0.0.0:500 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:3702 *:*
UDP 0.0.0.0:4500 *:*
UDP 0.0.0.0:5355 *:*
UDP 0.0.0.0:55296 *:*
UDP 0.0.0.0:63277 *:*
UDP 127.0.0.1:52700 *:*
UDP 127.0.0.1:52702 *:*
UDP 127.0.0.1:65272 *:*
UDP 192.168.1.21:137 *:*
UDP 192.168.1.21:138 *:*
UDP [::]:123 *:*
UDP [::]:500 *:*
UDP [::]:3702 *:*
UDP [::]:3702 *:*
UDP [::]:4500 *:*
UDP [::]:5355 *:*
UDP [::]:55296 *:*
UDP [::]:63278 *:*
