Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alfresco CIFS server not starting

bnice
Champ in-the-making
Champ in-the-making

‎09-22-2010 05:37 AM

Hi there,

after successfully configuring subsystems, LDAP-Sync, Kerberos and SSO with Alfresco 3.3, I'm now stuck at the hardest part - getting CIFS to run.

Although I configured log4j for SMB and CIFS to "debug" I'm getting no error messages in the log. But it seems like CIFS server is not even started:


11:20:21,866 INFO  [org.alfresco.fileserver] CIFS server NOT started
11:20:21,868 INFO  [org.alfresco.fileserver] FTP server started
11:20:21,868 INFO  [org.alfresco.fileserver] NFS server NOT started
11:20:21,963 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [fileServers, default] complete

Subsystem configuration seems to be okay, otherwise the FTP server would not be started (and authentication for ftp is fine).
Can anyone tell me, why CIFS server is not starting?
Labels:
0 Kudos
5 REPLIES 5

mrogers
Star Contributor
Star Contributor

‎09-22-2010 07:07 AM

Have you turned it on?

What's your configuration?
0 Kudos

bnice
Champ in-the-making
Champ in-the-making

‎09-22-2010 08:53 AM

It's enabled, yes.

When I try to connect to \\ALF (it's the hostname) from a XP client, I get an authentication screen, but no login succeeds.
Unfortunatly, I get no entry in the log for failed login or anything else.
Doing a wireshark trace, I can see SMB packets with STATUS_LOGON_FAILURE

Connecting to \\AlfA doesn't work (connection times out)

Here is my config:

Authentication chain:
authentication.chain=kerberos1:kerberos,ldap-ad1:ldap-ad,alfrescoNtlm1:alfrescoNtlm

kerberos-authentication.properties:

kerberos.authentication.realm=DOMAIN.LOCAL
kerberos.authentication.sso.enabled=true
kerberos.authentication.authenticateCIFS=true
kerberos.authentication.user.configEntryName=Alfresco
kerberos.authentication.defaultAdministratorUserNames=admin
kerberos.authentication.cifs.configEntryName=AlfrescoCIFS
kerberos.authentication.cifs.password=***
kerberos.authentication.http.configEntryName=AlfrescoHTTP
kerberos.authentication.http.password=***
kerberos.authentication.defaultAdministratorUserNames=admin
kerberos.authentication.browser.ticketLogons=true
ldap-ad-authentication.properties

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=uid\=%s,dc\=domain,dc\=local
ldap.authentication.java.naming.provider.url=ldap://192.168.1.13:389
ldap.authentication.java.naming.security.authentication=SIMPLE
ldap.authentication.java.naming.security.principal=ldapsync@domain.local
ldap.authentication.java.naming.security.credentials=***
alfresco-authentication.properties

alfresco.authentication.sso.enabled=false
alfresco.authentication.allowGuestLogin=false
alfresco.authentication.authenticateCIFS=false

file-servers-properties:

### CIFS Server Configuration ###
cifs.enabled=true
cifs.serverName=alf.domain.local
cifs.domain=DOMAIN.LOCAL
cifs.hostannounce=true

# properties for non-Windows servers with Java-based SMB implementation
#    Specifies the broadcast mask for the network. 
#cifs.broadcast=
#    Specifies the network adapter to bind to. If not specified the server will bind to all available adapters/addresses. 
cifs.bindto=192.168.1.127
#    Controls the port used to listen for the SMB over TCP/IP protocol (or native SMB), supported by Win2000 and above clients. The default port is 445. 
#cifs.tcpipSMB.port=
#    Enables the use of IP v6 in addition to IP v4 for native SMB. When true, the server will listen for incoming connections on IPv6 and IPv4 sockets. 
#cifs.ipv6.enabled=false
#    Controls the NetBIOS name server port to listen on. The default is 137. 
#cifs.netBIOSSMB.namePort=
#    Controls the NetBIOS datagram port. The default is 138. 
#cifs.netBIOSSMB.datagramPort=
#    Controls the NetBIOS session port to listen on for incoming session requests. The default is 139. 
#cifs.netBIOSSMB.sessionPort=
#    Disables the new NIO based CIFS server code and reverts to using the older socket based code. 
#cifs.disableNIO=false

# Optional WINS server primary and secondary IP addresses. Ignored if autoDetectEnabled=true
cifs.WINS.autoDetectEnabled=true
cifs.WINS.primary=192.168.1.13
cifs.WINS.secondary=192.168.1.4

### FTP Server Configuration ###
ftp.enabled=true
ftp.port=21
ftp.ipv6.enabled=false

# FTP data port range, a value of 0:0 disables the data port range and will use the next available port
# Valid range is 1024-65535
ftp.dataPortFrom=0
ftp.dataPortTo=0
also tried default 
cifs.serverName=${localname}A
, without success

/etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = DOMAIN.LOCAL
 default_tkt_enctypes = rc4-hmac
 default_tgs_enctypes = rc4-hmac

 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes

[realms]
 TECH.WTG = {
  kdc = dc1.domain.local:88
  admin_server = dc1.domain.local:749
  default_domain = domain.local
 }

[domain_realm]
dc1.domain.local = DOMAIN.LOCAL
 .dc1.domain.local = DOMAIN.LOCAL

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }

Created keytables, SPN and everything Kerberos specifc else.
Kerberos with SSO is working fine, as well as LDAP-sync (config not posted).
Maybe a problem of the authentication chain?
0 Kudos

bnice
Champ in-the-making
Champ in-the-making

‎09-22-2010 10:34 AM

UPDATE
okay, okay, I missed some important entry in alfresco-global.properties:


cifs.enabled=true

:roll:  :roll:  :roll:

Now CIFS server is started, but shows some errors, so I'll check them now.


16:44:43,605 ERROR [org.alfresco.fileserver] [SMB] Server error : org.alfresco.jlan.server.config.InvalidConfigurationException: Error initializing TCP-IP SMB session handler, Address already in use
16:44:43,605 ERROR [org.alfresco.fileserver] org.alfresco.jlan.server.config.InvalidConfigurationException: Error initializing TCP-IP SMB session handler, Address already in use
16:44:43,605 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.nio.NIOCifsConnectionsHandler.initializeHandler(NIOCifsConnectionsHandler.java:259)
16:44:43,606 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBServer.run(SMBServer.java:472)
16:44:43,606 ERROR [org.alfresco.fileserver]    at java.lang.Thread.run(Thread.java:619)

UPDATE
Found the problem - had another SMB/winbind instance running.

CIFS is running now, and I can access it.  Smiley Very Happy

Just little minor error:

[org.alfresco.fileserver] Failed to get local domain/workgroup name, using default of WORKGROUP

Will be caused by some typo somewhere…
0 Kudos

mrogers
Star Contributor
Star Contributor

‎09-23-2010 04:44 AM

Good to hear you found the problem Smiley Happy
0 Kudos

bnice
Champ in-the-making
Champ in-the-making

‎09-28-2010 04:31 AM

Just little minor error:

Code: Select all
    [org.alfresco.fileserver] Failed to get local domain/workgroup name, using default of WORKGROUP

Will be caused by some typo somewhere…

Hmmm, can't find any typo and broadcast / subnet mask should be fine too…
And I have no problem accessing the shares via SMB, but would be nice to get this little error fixed too…

Any ideas which config files I should check again?

BTW: Firewall is currently disabled
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC