Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

CIFS on windows 2003 and VPN

lblancher
Champ in-the-making
Champ in-the-making

‎02-14-2008 06:03 PM

Hello,
   I have installed Alfresco 2.1 Community on a windows 2003 server.  I would like to be able to use CIFS shares for accessing content.  I tried installing CIFS the default way using the DLL to register and use parts of windows.  This option turned out to not work correctly because it requires that the alfresco CIFS shares use a different name then the computer name.  Because a majority of my users will be coming in over a VPN connection netBIOS name resolution does not work for remote workers.  I have instead tried using the native CIFS tcpip handler as desribed in http://wiki.alfresco.com/wiki/File_Server_Configuration#AVM.2FWCM_Filesystems   this works and i can get the VPN CIFS share to work by using the servers IP address.  When i try to use the computers name (through DNS) it will not authenticate the user and i get this error in the logs.


17:47:32,645 ERROR [org.alfresco.smb.protocol.auth] Error during passthru authentication

org.alfresco.repo.security.authentication.AuthenticationException: Logon failure

   at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:948)

   at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:550)

   at org.alfresco.filesys.server.auth.AlfrescoAuthenticator.doPassthruUserAuthentication(AlfrescoAuthenticator.java:437)

   at org.alfresco.filesys.server.auth.AlfrescoAuthenticator.authenticateUser(AlfrescoAuthenticator.java:161)

   at org.alfresco.filesys.server.auth.CifsAuthenticator.processSessionSetup(CifsAuthenticator.java:511)

   at org.alfresco.filesys.smb.server.NTProtocolHandler.procSessionSetup(NTProtocolHandler.java:407)

   at org.alfresco.filesys.smb.server.NTProtocolHandler.runProtocol(NTProtocolHandler.java:221)

   at org.alfresco.filesys.smb.server.SMBSrvSession.run(SMBSrvSession.java:1352)

   at java.lang.Thread.run(Thread.java:619)

17:47:32,645 DEBUG [org.alfresco.smb.protocol.auth] Authenticated user XXXXXX sts=Disallow via Passthru

17:47:32,645 DEBUG [org.alfresco.smb.protocol.auth] User XXXXXX, access denied


my file-servers.xml look like

<alfresco-config area="file-servers">

   <config evaluator="string-compare" condition="CIFS Server">
     <serverEnable enabled="true"/>
     <!–
     <host name="${localname}_A"/>
     –>
      <comment>Alfresco CIFS Server</comment>

      <!– Set to the broadcast mask for the subnet –>
      <broadcast>255.255.255.255</broadcast>

      <!– Use Java socket based NetBIOS over TCP/IP and native SMB on linux –>
      <!–
      <tcpipSMB platforms="linux,solaris,macosx"/>
      <netBIOSSMB platforms="linux,solaris,macosx"/>
      –>
      <!– Can be mapped to non-privileged ports, then use firewall rules to forward
          requests from the standard ports –>
     <!–       
      
      <netBIOSSMB sessionPort="1139" namePort="1137" datagramPort="1138" platforms="linux,solaris,macosx"/>
     –>
   <tcpipSMB port="445" />    
      <hostAnnounce interval="5"/>

      <!– Use Win32 NetBIOS interface on Windows 
      <Win32NetBIOS api="netbios"/>
      <Win32Announce interval="5"/>
      –>

<!–
      <WINS>
         <primary>1.2.3.4</primary>
         <secondary>5.6.7.8</secondary>
      </WINS>
–>
      <sessionDebug flags="Negotiate,Socket"/>
   </config>

   <config evaluator="string-compare" condition="FTP Server">
     <serverEnable enabled="true"/>
<!–      <debug flags="File,Search,Error,Directory,Info,DataPort"/> –>
   </config>
   
   <config evaluator="string-compare" condition="NFS Server">
     <serverEnable enabled="false"/>
   </config>
   
   <config evaluator="string-compare" condition="Filesystems">
     <filesystems>
        
       <!– Alfresco repository access shared filesystem –>
         <filesystem name="Alfresco">
            <store>workspace://SpacesStore</store>
            <rootPath>/app:company_home</rootPath>

         <!– Add a URL file to each folder that links back to the web client –>
         <urlFile>
               <filename>__AlfrescoClient.url</filename>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </urlFile>

         <!– Mark locked files as offline –> 
          <offlineFiles/>

         <!– Desktop actions –>
         <!– Uses a client-side application to trigger a server-side action                         –>
         <!–   Echo - displays a message echoed from the server                                     –>
         <!–   URL  - launches a URL via the Windows shell                                          –>
         <!–   CmdLine - launches the Notepad application                                           –>
         <!–   CheckInOut - checks files in/out, drag and drop files onto the application           –>
         <!–   JavaScript - run a server-side script                                                –>
         <!–   JavaScriptURL - server-side script that generates a URL to the folder using a ticket –>
         <!–                   to avoid having to logon                                             –>

<!–
         <desktopActions>
            <global>
                    <path>alfresco/desktop/Alfresco.exe</path>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </global>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.EchoDesktopAction</class>
               <name>Echo</name>
                 <filename>__AlfrescoEcho.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.URLDesktopAction</class>
               <name>URL</name>
                 <filename>__AlfrescoURL.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.CmdLineDesktopAction</class>
               <name>CmdLine</name>
                 <filename>__AlfrescoCmd.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.CheckInOutDesktopAction</class>
               <name>CheckInOut</name>
                 <filename>__AlfrescoCheckInOut.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.JavaScriptDesktopAction</class>
               <name>JavaScript</name>
               <filename>__AlfrescoScript.exe</filename>
               <script>alfresco/desktop/dumpRequest.js</script>
               <attributes>anyFiles, multiplePaths , allowNoParams</attributes>
               <preprocess>confirm, copyToTarget</preprocess>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.JavaScriptDesktopAction</class>
               <name>JavaScriptURL</name>
               <filename>__AlfrescoDetails.exe</filename>
               <script>alfresco/desktop/showDetails.js</script>
               <attributes>anyFiles</attributes>
               <preprocess>copyToTarget</preprocess>
            </action>

         </desktopActions>
–>          
                    
<!–
            <accessControl default="Write">
               <user name="admin" access="Write"/>
               <address subnet="90.1.0.0" mask="255.255.0.0" access="Write"/>
            </accessControl>
–>
         </filesystem>
        
       <!– AVM virtualization view of all stores/versions for WCM –>
         <avmfilesystem name="AVM">
            <virtualView/>
         </avmfilesystem>
        
      </filesystems>
   </config>

   <config evaluator="string-compare" condition="Filesystem Security">
      <authenticator type="enterprise">
      </authenticator>

<!–
      <globalAccessControl default="None">
         <user name="admin" access="Write"/>
         <address ip="90.1.0.90" access="Write"/>
      </globalAccessControl>

      <users>
         <localuser name="user">
            <password>user</password>
            <comment>Normal user account</comment>
         </localuser>
   
         <localuser name="administrator">
            <password>admin</password>
            <administrator/>
            <comment>Administrator account</comment>
         </localuser>
      </users>
–>
   </config>


</alfresco-config>

and my file-servers-custom.xml looks like

<alfresco-config area="file-servers">
  <config evaluator="string-compare" condition="CIFS Server">
    <serverEnable enabled="true" />
    <!– Insert here IP or hostname of this alfresco server, and the NT domain name in which you want to integrate–>
    <host name="myservername" domain="MYDOMIAN" />
    <comment>Alfresco CIFS Server</comment>
    <!– Set to the broadcast mask for the subnet –>
    <broadcast>255.255.255.255</broadcast>
    <sessionDebug flags="Negotiate,Socket" />
  </config>
  <config evaluator="string-compare" condition="Filesystems" replace="true">
    <filesystems>
      <filesystem name="Alfresco">
        <store>workspace://SpacesStore</store>
        <rootPath>/app:company_home</rootPath>
        <!– Add a URL file to each folder that links back to the web client –>
        <urlFile>
          <filename>__Alfresco.url</filename>
          <webpath>http://${localname}:8080/alfresco/</webpath>
        </urlFile>
        <!– Mark locked files as offline –>
        <offlineFiles />
        <!– Desktop actions –>
        <desktopActions>
          <global>
            <path>alfresco/desktop/Alfresco.exe</path>
            <webpath>http://${localname}:8080/alfresco/</webpath>
          </global>
          <action>
            <class>org.alfresco.filesys.smb.server.repo.desk.CheckInOutDesktopAction</class>
            <name>CheckInOut</name>
            <filename>__CheckInOut.exe</filename>
          </action>
          <action>
            <class>org.alfresco.filesys.smb.server.repo.desk.JavaScriptDesktopAction</class>
            <name>JavaScriptURL</name>
            <filename>__ShowDetails.exe</filename>
            <script>alfresco/desktop/showDetails.js</script>
            <attributes>anyFiles</attributes>
            <preprocess>copyToTarget</preprocess>
          </action>
        </desktopActions>
      </filesystem>
      <!– AVM virtualization view of all stores/versions for WCM –>
      <avmfilesystem name="AVM">
        <virtualView />
      </avmfilesystem>
    </filesystems>
  </config>
  <!– Authenticator should be of type alfresco –>
  <config evaluator="string-compare" condition="Filesystem Security" replace="true">
    <authenticator type="alfresco" />
  </config>
</alfresco-config>



Any idea's why it would work one way and not another?

Lucas
Labels:
0 Kudos
2 REPLIES 2

lblancher
Champ in-the-making
Champ in-the-making

‎03-04-2008 01:16 PM

Hello,
  I have found a work around for this problem.  On your DNS server create a CNAME record with the alfresco CIFS name(ie alfrescoserver_A) that points the real alfresco server machine(alfrescoserver).


Something like:

alfrescoserver_A  IN   CNAME   alfrescoserver.domain.tld


Lucas
0 Kudos

skorde
Champ in-the-making
Champ in-the-making

‎06-20-2008 05:28 AM

Hi
I have tried it on my environment and now CIFS work fine (some times) on windows 2003 and VPN
I did DNS entry and now I am facing a problem like some time remote machine can access the CIFS server and some time not, it giving the error like "no network path found" or "permission denied"
Would you please help me to get out of this problem?

System info:
Alfresco Community 2.1/Tomcat/Oracle/Windows Server 2003

Thanks in advance,
Sudhir korde
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC