Hyland Connect

cpjms3 · ‎01-30-2013

Hi everyone,

Im new to the forum and ripping hair out due to CIFs not working….

I have alfresco setup up and can access \share and \alfresco via web interface, However I cannot get CIFS working at all, I cannot see it in my network places and when I get to \\alfresco.server.com\share manually I get a login box. I have passthru working to talk to my Windows DC and can log into the web interface using Windows Credentials but neither my AD or Local (To alfresco) credentials dont work - once I have entered credentials the login box just reappears!

Any help would be greatly appreciated.

I have edited the alfresco-global.properties config file and also A file in /alfresco/tomcat/webapps but not sure which one.

My server is running CentOS 6.3 x64.

Cheers.

bisana · ‎01-30-2013

Hi
Did u re-direct the port using iptables
simillar to


iptables -F
iptables -t nat -F
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t nat -A PREROUTING -p tcp –dport 445 -j REDIRECT –to-ports 1445
iptables -t nat -A PREROUTING -p tcp –dport 139 -j REDIRECT –to-ports 1139
iptables -t nat -A PREROUTING -p udp –dport 137 -j REDIRECT –to-ports 1137
iptables -t nat -A PREROUTING -p udp –dport 138 -j REDIRECT –to-ports 1138

iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp -m tcp –dport 445 -j REDIRECT –to-ports 1445
iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp -m tcp –dport 139 -j REDIRECT –to-ports 1139
iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp -m tcp –dport 137 -j REDIRECT –to-ports 1137
iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp -m tcp –dport 137 -j REDIRECT –to-ports 1137
iptables -t nat -A OUTPUT -d 127.0.0.1 -p tcp -m tcp –dport 21  -j REDIRECT –to-ports 1421
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Note:- If my posting was usefull to u, please mark it as usefull. It will encourage me to help others

cpjms3 · ‎01-30-2013

Hi, thanks for the reply.

Yes I have added those rules into IPTables. Still no joy - I get 'unknown username or bad password' if I browse to the share manually through Windows Explorer. I also cannot see the Alfresco server advertised in my Network. Firewall is set to permissive on server.

I'm at a loss.

My config is as follows:

dir.root=/opt/alfresco/alf_data

alfresco.context=alfresco
alfresco.host=192.168.*.*
alfresco.port=8080
alfresco.protocol=http

share.context=share
share.host=192.168.*.*
share.port=8080
share.protocol=http

### database connection properties ###
db.driver=org.postgresql.Driver
db.username=alfresco
db.password=db_password
db.name=alfresco
db.url=jdbc

ostgresql://localhost:5432/${db.name}

### FTP Server Configuration ###
ftp.enabled=false
ftp.port=21

### RMI service ports ###
alfresco.rmi.services.port=50500
avm.rmi.service.port=0
avmsync.rmi.service.port=0
attribute.rmi.service.port=0
authentication.rmi.service.port=0
repo.rmi.service.port=0
action.rmi.service.port=0
deployment.rmi.service.port=0

### External executable locations ###
ooo.exe=/opt/alfresco/libreoffice/program/soffice.bin
ooo.enabled=true
ooo.port=8100
img.root=/opt/alfresco/common
img.dyn=${img.root}/lib
img.exe=${img.root}/bin/convert
swf.exe=/opt/alfresco/common/bin/pdf2swf
swf.languagedir=/opt/alfresco/common/japanese

jodconverter.enabled=false
jodconverter.officeHome=/opt/alfresco/libreoffice
jodconverter.portNumbers=8100

### Initial admin password ###
alfresco_user_store.adminpassword=f5061ddae6f7233905650454c0ce6e5d

### E-mail site invitation setting ###
notification.email.siteinvite=false

### License location ###
dir.license.external=/opt/alfresco

### Solr indexing ###
index.subsystem.name=solr
dir.keystore=${dir.root}/keystore
solr.port.ssl=8443

### BPM Engine ###
system.workflow.engine.jbpm.enabled=false

authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1

assthru,ldap1:ldap
passthru.authentication.useLocalServer=false
passthru.authentication.sso.enabled=true
passthru.authentication.allowGuestLogin=false
passthru.authentication.servers=192.168.99.100
passthru.authentication.domain=domain.local
passthru.authentication.useLocalServer=false
passthru.authentication.defaultAdministratorUserNames=Administrator
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS

ldap.authentication.active=false
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://192.168.99.100:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=domain.local\dep$
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupDifferentialQuery=(&(objectclass=nogroup)(!(modifyTim$
ldap.synchronization.personQuery=(&(objectclass=user)(userAccountControl\:1.2.8$
ldap.synchronization.personDifferentialQuery=(& (objectclass=user)(!(modifyTime$
ldap.synchronization.groupQuery=(objectclass\=group)

ldap.synchronization.groupSearchBase=cn\=Users,dc=domain,dc=local
ldap.synchronization.userSearchBase=cn\=Users,dc=domain,dc=local

ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss..0Z.
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=Nogroup
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member

synchronization.synchronizeChangesOnly=true

ntlm.authentication.mapUnknownUserToGuest=false
ntlm.authentication.mapUnknownUserToGuest=false
ntlm.authentication.sso.enabled=false
ntlm.authentication.authenticateCIFS=false
alfresco.authentication.authenticateCIFS=false
alfresco.authentication.allowGuestLogin=false
passthru.authentication.sso.enabled=false
passthru.authentication.authenticateCIFS=true
ldap.authentication.active=false
ldap.synchronization.active=true

cifs.enabled=true
cifs.disableNativeCode=false
cifs.serverName=Alfresco
cifs.domain=DOMAIN.LOCAL
cifs.hostannounce=true
cifs.sessionTimeout=1800
cifs.ipv6.enabled=false
cifs.tcpipSMB.port=1445
cifs.netBIOSSMB.namePort=1137
cifs.netBIOSSMB.datagramPort=1138
cifs.netBIOSSMB.sessionPort=1139
cifs.WINS.autoDetectEnabled=true

I really need to get this feature working!!!!!!!

Thanks all!

bisana · ‎01-30-2013

for CIFS settings, please try out


"cifs.Server.Name=yourdc_a" instead of "cifs.serverName=Alfresco" 
‍‍‍

also change


"cifs.domain=DOMAIN.LOCAL" to "cifs.domain=yourdc"
‍‍‍

Please give feedback after u try

cpjms3 · ‎01-31-2013

Hi,

I have changed the following to what you suggested.

cifs.Server.Name=dc-server1
cifs.domain=dc-server1

dc-server1 is my windows domain controller, i have tried the following command on my Alfresco server:

smbclient -U username \\\\127.0.0.1\\alfresco followed by the password for the user and I get an error "(Error NT_STATUS_CONNECTION_REFUSED)"

On a windows 7 PC if I try to map the network drive I get a login box, but when I enter credentials I get username and password not valid.

Do I need to open ports on my Windows firewall ?

I have added the rules into my server for IPtables and SELinux is Permissive.

Thanks

bisana · ‎02-01-2013

please try out this
cifs.Server.Name=dc-server1_a "note the _a at the end "

You are able to see the domain login box, that means you have CIFS up and running

can u try "smbclient -U admin " from the server
Also If my posting is usefull to u, please comment it as usefull

mrogers · ‎02-01-2013

note that the property is cifs.serverName, not capital S not with an extra dot