Hyland Connect

ksar · ‎02-09-2012

What has already been attempted:

I am trying to get CIFS to work in a Windows 7 environment. After checking the documentation to see which authentication systems support CIFS, I first tried alfrescoNTLM, then passthru. Both failed due to Alfresco using a different NTLM version than Windows 7. The proposed solutions (client-side modifications) for this are not an option, it has to be a server-side solution. Now, after trying to get an Active Directory set up for use with Kerberos authentication and locking everyone out of the system by accident, I'm not too eager to try that again.

The current situation:

With none of the authentication systems currently authenticating CIFS, it's possible to use \\<serverIp>:<alfrescoPort>\alfresco and see the site folders. There are no subfolders or other content shown, however. Is it possible to configure Alfresco and/or CIFS so that it shows more while nothing is authenticating CIFS? (Yes, I'm aware that this basically amounts to having no security at all). If so, how would I go about it?

mrogers · ‎02-09-2012

Why don't you just create a user in alfresco and use that account for everyone. That's what you get out of the box if you don't have any external authentication configured.

ksar · ‎02-09-2012

You mean just connect to \\example.url:XXXX\alfresco, and then enter an existing username and password into the password dialogue box?

The result of that is seeing all folders in the Sites folder, but none of their content (either subfolders or files). This happens no matter whether the administrator account or any other is used. (Edit: folders for private sites are not shown)

The current guess here (and it is a guess, it could be something else entirely) is that because no authentication system is authenticating CIFS, any user is treated like a guest and therefore doesn't get to see the contents. If it's a different problem, I'd be grateful to learn the solution.

ksar · ‎02-10-2012

Okay, so I have figured out a bit more of what is going on by experimenting with different configurations.

Case 1:
alfresco.authentication.authenticateCIFS=false
ntlm.authentication.sso.enabled=false
Result: Windows cannot find the CIFS

Case 2:
alfresco.authentication.authenticateCIFS=true
ntlm.authentication.sso.enabled=false
Result: Windows finds the CIFS, but will not accept any username/password combination

Case 3:
alfresco.authentication.authenticateCIFS=false
ntlm.authentication.sso.enabled=true
Result: Windows cannot find the CIFS

Case 4:
alfresco.authentication.authenticateCIFS=true
ntlm.authentication.sso.enabled=true
Result: Windows connects to the CIFS without asking for a password, shows only the folders in the Site folder and no content or subfolders

Case 4b
alfresco.authentication.authenticateCIFS=true
ntlm.authentication.sso.enabled=true
User is logged in with a windows account whose username and password match an existing Alfresco administrator account.
Result: same as Case 4.

Conclusions:
1. CIFS does not run if there is no authentication subsystem set to authenticate it. Apparently, ntlm.authentication.sso.enabled=true is set by default.
2. Single Sign-on (sso) somehow bypasses the authentication, but does not actually permit seeing any content.

I guess I need to figure out how to set up SSO properly, as that would be a (somewhat annoying) workaround for the problem.
Apparently, running the CIFS with no authentication is not possible.

Hyland Connect

CIFS question (guests, no authentication)