11-21-2016 09:57 AM
authentication.chain=ldap1:ldap-ad,passthru1assthru
ntlm.authentication.sso.enabled = true
ntlm.authentication.browser.ticketLogons=true
ldap.authentication.active=false
ldap.authentication.userNameFormat=%s@domen.local
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.provider.url=ldap://dc01.domen.local:389
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco,admin
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=user_alfresco@domen.local
ldap.synchronization.java.naming.security.credentials=12345678
ldap.synchronization.groupSearchBase=ou=Group,ou=user,dc=domen,dc=local
ldap.synchronization.userSearchBase=ou=user,dc=domen,dc=local
filesystem.domainMappings=DOMEN
filesystem.domainMappings.value.DOMEN.subnet=192.168.0.0
filesystem.domainMappings.value.DOMEN.mask=255.255.255.0
alfresco.authentication.authenticateCIFS=false
passthru.authentication.authenticateCIFS=false
passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers = DOMEN\\dc01.domen.local,dc01.domen.local,dc01
passthru.authentication.guestAccess=false
passthru.authentication.protocolOrder=TCPIP,NETBIOS
DEBUG [org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter] [http-apr-8080-exec-4] Fallback authentication failed. Restarting login...
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-5] Authentication not required (filter), chaining ...
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-6] New NTLM auth request from 192.168.0.16 (192.168.0.16:36339) SID:903B3C4ABEBC886A04AAFCA78CEA
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-6] restartLoginChallenge...
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] Received type1 [Type1:0xa20807,Domain:<NotSet>,Wks:<NotSet>]
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] Mapped client IP 192.168.0.16 to domain DOMAIN
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] Client domain DOMAIN
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] Searching for local server name.
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] Found server name in the file server configuration: null
INFO [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] NTLM filter using server name fs02
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-8] Sending NTLM type2 to client - [Type2:0x80000203,Target:fs02,Ch:a7216475770cd8af]
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-10] Received type3 [Type3:,LM:000000000000000000000000000000000000000000000000,NTLM:231592438a0ef5cbe44987408d9501010000000000006ee76e090644d201fb6346620237539d000200080066007300300032000000000000000000,DomOMAIN,User:sh-g,Wks:IT-01]
ERROR [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-10] Client IT-01 using NTLMv2 logon, not valid with passthru authentication
DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-10] restartLoginChallenge...
DEBUG [org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter] [http-apr-8080-exec-3] Performing fallback authentication...
help me
11-21-2016 11:22 AM
Please refer to the documentation about troubleshooting NTLM issues. Specifically for passthru you have to configure clients NOT to use NTLMv2 via registry settings. Generally I'd recommend not to use passthru anymore (insecure) and instead utilize Kerberos.
11-21-2016 11:22 AM
Please refer to the documentation about troubleshooting NTLM issues. Specifically for passthru you have to configure clients NOT to use NTLMv2 via registry settings. Generally I'd recommend not to use passthru anymore (insecure) and instead utilize Kerberos.
11-21-2016 09:55 PM
Thank you, I will change on Kerberos
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.