Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CIFS doesn't work with KERBEROS

urban
Champ in-the-making
Champ in-the-making

‎10-20-2009 06:34 AM

Hi, I have installed Alfresco community version 3.2.0 schema 2019 and I have configured kerberos against active directory like http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems, http authentication works fine but cifs authentication doesn't work this is my alfresco.log:
11:52:30,419 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/repository.properties]
11:52:30,422 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from class path resource [alfresco/domain/transaction.properties]
11:52:30,422 INFO  [org.alfresco.config.JndiPropertiesFactoryBean] Loading properties file from URL [file:/usr/share/tomcat6/shared/classes/alfresco-global.properties]
11:52:30,598 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:53:03,881 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
11:53:05,696 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] No changes were made to the schema.
11:53:16,880 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'thirdparty' subsystem, ID: [default]
11:53:16,998 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:53:23,140 WARN  [org.alfresco.util.OpenOfficeConnectionTester] An initial OpenOffice connection could not be established.
11:53:23,141 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'thirdparty' subsystem, ID: [default] complete
11:53:24,749 INFO  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: /var/lib/alfresco
11:53:24,844 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] Checking for patches to apply …
11:53:25,682 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] No patches were required.
11:53:25,781 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Found 0 module(s).
11:53:25,820 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'fileServers' subsystem, ID: [default]
11:53:26,005 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:53:27,391 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Authentication' subsystem, ID: [managed, kerberos1]
11:53:27,710 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:53:33,387 DEBUG [org.alfresco.web.app.servlet.KerberosAuthenticationFilter] HTTP Kerberos login successful
11:53:33,387 DEBUG [org.alfresco.web.app.servlet.KerberosAuthenticationFilter] Logged on using principal HTTP/alfresco.alfresco.org@ALFRESCO.ORG
11:53:36,453 DEBUG [org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter] HTTP Kerberos login successful
11:53:36,454 DEBUG [org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter] Logged on using principal HTTP/alfresco.alfresco.org@ALFRESCO.ORG
11:53:37,190 DEBUG [org.alfresco.smb.protocol.auth] Logged on using principal cifs/alfresco.alfresco.org@ALFRESCO.ORG
11:53:37,190 DEBUG [org.alfresco.smb.protocol.auth] Enabling mechTypes :-
11:53:37,191 DEBUG [org.alfresco.smb.protocol.auth]   Kerberos5
11:53:37,191 DEBUG [org.alfresco.smb.protocol.auth]   MS-Kerberos5
11:53:37,191 DEBUG [org.alfresco.smb.protocol.auth]   NTLMSSP
11:53:37,270 DEBUG [org.alfresco.smb.protocol.auth] Logged on using principal cifs/alfresco.alfresco.org@ALFRESCO.ORG
11:53:37,271 DEBUG [org.alfresco.smb.protocol.auth] Enabling mechTypes :-
11:53:37,271 DEBUG [org.alfresco.smb.protocol.auth]   Kerberos5
11:53:37,271 DEBUG [org.alfresco.smb.protocol.auth]   MS-Kerberos5
11:53:37,272 DEBUG [org.alfresco.smb.protocol.auth]   NTLMSSP
11:53:37,272 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Authentication' subsystem, ID: [managed, kerberos1] complete
11:53:42,416 ERROR [org.alfresco.fileserver] Failed to get local domain/workgroup name, using default of WORKGROUP
11:53:42,439 ERROR [org.alfresco.fileserver] (This may be due to firewall settings or incorrect <broadcast> setting)
11:53:43,356 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'fileServers' subsystem, ID: [default] complete
11:53:43,356 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'imap' subsystem, ID: [default]
11:53:43,725 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:53:44,576 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'imap' subsystem, ID: [default] complete
11:53:44,578 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'Synchronization' subsystem, ID: [default]
11:53:44,855 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:53:44,918 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'Synchronization' subsystem, ID: [default] complete
11:53:45,437 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_16-b01; maximum heap size 1016,125MB
11:53:45,438 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Community): Current version 3.2.0 (@build-number@) schema 2019 - Installed version 3.2.0 (@build-number@) schema 2019
11:54:00,948 INFO  [org.alfresco.util.OpenOfficeConnectionTester] The OpenOffice connection was re-established.
11:54:17,661 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Starting 'wcm_deployment_receiver' subsystem, ID: [default]
11:54:17,866 INFO  [org.alfresco.config.JndiPropertyPlaceholderConfigurer] Loading properties file from class path resource [alfresco/alfresco-shared.properties]
11:54:18,757 INFO  [org.alfresco.repo.management.subsystems.ChildApplicationContextFactory] Startup of 'wcm_deployment_receiver' subsystem, ID: [default] complete
11:54:38,876 INFO  [org.alfresco.config.JBossEnabledWebApplicationContext] Refreshing org.alfresco.config.JBossEnabledWebApplicationContext@1250e0c: display name [Root WebApplicationContext]; startup date [Tue Oct 20 11:54:38 CEST 2009]; root of context hierarchy
11:54:41,701 INFO  [org.alfresco.config.JBossEnabledWebApplicationContext] Bean factory for application context [org.alfresco.config.JBossEnabledWebApplicationContext@1250e0c]: org.springframework.beans.factory.support.DefaultListableBeanFactory@42a821
11:54:54,721 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 24 Web Scripts (+0 failed), 26 URLs
11:54:54,932 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised Presentation Web Script Container (in 1680.6115ms)
11:54:58,057 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 171 Web Scripts (+0 failed), 173 URLs
11:54:58,113 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised WebFramework Web Script Container (in 3149.7444ms)
11:54:59,451 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework
11:55:38,842 DEBUG [org.alfresco.smb.protocol.auth] NT Session setup SPNEGO, MID=8, UID=0, PID=65279
11:55:38,846 DEBUG [org.alfresco.smb.protocol.auth] Using Write transaction
It could be a bug?
somebody has got the same problem?
how can i solve?
Sorry for my english, i'm spanish.

Thanks a lot!
Labels:
0 Kudos
4 REPLIES 4

tonyc
Champ in-the-making
Champ in-the-making

‎10-20-2009 12:54 PM

11:53:42,416 ERROR [org.alfresco.fileserver] Failed to get local domain/workgroup name, using default of WORKGROUP

Try configuring your domain/workgroup in <tomcat_home>/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/fileServers/default/file-servers.properties
0 Kudos

giovibal
Champ in-the-making
Champ in-the-making

‎10-21-2009 05:14 AM

Try this in <tomcat_home>/shared/classes/alfresco-global.propeties:

cifs.enabled=true
cifs.domain=<NETBIOS_DOMAINNAME>
0 Kudos

urban
Champ in-the-making
Champ in-the-making

‎10-21-2009 12:32 PM

Thanks for yours replies, this is my alfresco-global.properties:
ooo.exe=/usr/bin/soffice

img.root=/usr

swf.exe=/usr/bin/alfresco-pdf2swf



#

# MySQL connection

#————-

db.driver=org.gjt.mm.mysql.Driver

db.url=jdbc:mysql://${db.host}:${db.port}/${db.name}

hibernate.dialect=org.hibernate.dialect.MySQLInnoDBDialect



#

# Index Recovery Mode

#————-

#index.recovery.mode=Auto



#

# Outbound Email Configuration

#————-

#mail.host=

#mail.port=25

#mail.username=anonymous

#mail.password=

#mail.encoding=UTF-8

#mail.from.default=alfresco@alfresco.org

#mail.smtp.auth=false



#

# Alfresco Email Service and Email Server

#————-



# Enable/Disable the inbound email service.  The service could be used by processes other than

# the Email Server (e.g. direct RMI access) so this flag is independent of the Email Service.

#————-

#email.inbound.enabled=true



# Email Server properties 

#————-

#email.server.enabled=true

#email.server.port=25

#email.server.domain=alfresco.com

#email.inbound.unknownUser=anonymous



# A comma separated list of email REGEX patterns of allowed senders.

# If there are any values in the list then all sender email addresses

# must match.  For example:

#   .*\@alfresco\.com, .*\@alfresco\.org

# Allow anyone:

#————-

#email.server.allowed.senders=.*



#

# The default authentication chain

# To configure external authentication subsystems see:

# http://wiki.alfresco.com/wiki/Alfresco_Authentication_Subsystems

#————-

#authentication.chain=alfrescoNtlm1:alfrescoNtlm

authentication.chain=kerberos1:kerberos

alfresco.authentication.allowGuestLogin=false


#

# IMAP

#————-

#imap.server.enabled=true

#imap.server.port=143

#imap.server.host=localhost

#

# CIFS

#————-
cifs.enabled=true
cifs.serverName=alfresco
cifs.domain=
cifs.tcpipSMB.port=1445
cifs.netBIOSSMB.namePort=1137
cifs.netBIOSSMB.datagramPort=1138
cifs.netBIOSSMB.sessionPort=1139

#

# KERBEROS

#————
kerberos.authentication.realm=ALFRESCO.ORG

kerberos.authentication.user.configEntryName=Alfresco

kerberos.authentication.defaultAdministratorUserNames=usuario1

kerberos.authentication.cifs.configEntryName=AlfrescoCIFS

kerberos.authentication.cifs.password=secret
kerberos.authentication.authenticateCIFS=true
kerberos.authentication.http.configEntryName=AlfrescoHTTP

kerberos.authentication.http.password=secret
kerberos.authentication.sso.enabled=false

Before i used kerberos, cifs worked fine but when i configured kerberos it doesn't work, it's necessary to modify file-servers.xml?
thanks a lot!
0 Kudos

tonyc
Champ in-the-making
Champ in-the-making

‎10-21-2009 12:53 PM

In alfresco-global.properties set:

cifs.domain= <the name of your domain or workgroup>
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC