cancel
Showing results for 
Search instead for 
Did you mean: 

Either nobody uses v3.0 or nobody needs AD + NTLM + CIFS !

karakartal
Champ in-the-making
Champ in-the-making
Hello

I am checking out every release from HEAD and recompiling and facing the same following error with a big disappointment:

DEBUG [smb.protocol.auth] Authenticated user cenap sts=Disallow via Passthru

I have a working Active Directory + NTLM + CIFS configuration with Alfresco 2 but I was never able to get CIFS working with any version above v2.0

I have done the following in order to solve the problem.

    I have recompiled Win32NetBIOS.dll
    I have tried to get it working on Ubuntu Linux
    I have tried almost every possible configuration in file-servers.xml
None of them helped…

Passthru is simply not working!

Is this a bug? Should I wait for future releases? Or am I doing something wrong?

Any ideas?
10 REPLIES 10

vycitalr
Champ in-the-making
Champ in-the-making
I succesfully use "alfresco" authenticator with NTLM an AD, using version 2.2.dev.

karakartal
Champ in-the-making
Champ in-the-making
I succesfully use "alfresco" authenticator with NTLM an AD, using version 2.2.dev.

What about CIFS?  Can you also use CIFS?

vycitalr
Champ in-the-making
Champ in-the-making
Yes, I can.

karakartal
Champ in-the-making
Champ in-the-making
Would you mind posting your configuration XML's here?

vycitalr
Champ in-the-making
Champ in-the-making
There is really nothing special.

file-servers.xml


<alfresco-config area="file-servers">

   <config evaluator="string-compare" condition="CIFS Server">
     <serverEnable enabled="true"/>
      <host name="${localname}CIFS"/>
      <comment>Alfresco CIFS Server</comment>

      <!– Set to the broadcast mask for the subnet –>
      <broadcast>255.255.255.255</broadcast>



      <!– Use Java socket based NetBIOS over TCP/IP and native SMB on linux.
      
      To enable native SMB support under Windows requires that the Windows native SMB support is disabled by editing, or creating, the following registry key :-
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters]
      "SMBDeviceEnabled"=dword:00000000
      –>
      <!–
      <tcpipSMB platforms="linux,solaris,macosx"/>
      <netBIOSSMB platforms="linux,solaris,macosx"/>
     –>
    
    
     <!– Can be mapped to non-privileged ports, then use firewall rules to forward
          requests from the standard ports –>        

      <tcpipSMB port="1445" platforms="linux,solaris,macosx"/>
      <netBIOSSMB sessionPort="1139" namePort="1137" datagramPort="1138" platforms="linux,solaris,macosx"/>
   
      
      <hostAnnounce interval="5"/>

      <!– Use Win32 NetBIOS interface on Windows, on other platform this is ignored –>
      <Win32NetBIOS/>
      <Win32Announce interval="5"/>

<!–
      <WINS>
         <primary>1.2.3.4</primary>
         <secondary>5.6.7.8</secondary>
      </WINS>
–>
      <sessionDebug flags="Negotiate,Socket"/>
   </config>

   <config evaluator="string-compare" condition="FTP Server">
     <serverEnable enabled="false"/>
<!–      <debug flags="File,Search,Error,Directory,Info,DataPort"/> –>
   </config>
  
   <config evaluator="string-compare" condition="NFS Server">
     <serverEnable enabled="false"/>
   </config>
   
   <config evaluator="string-compare" condition="Filesystems">
     <filesystems>
       
       <!– Alfresco repository access shared filesystem –>
         <filesystem name="Alfresco">
            <store>workspace://SpacesStore</store>
            <rootPath>/app:company_home</rootPath>

         <!– Add a URL file to each folder that links back to the web client –>
         <urlFile>
               <filename>__AlfrescoClient.url</filename>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </urlFile>

         <!– Mark locked files as offline –>
          <offlineFiles/>

         <!– Desktop actions –>
         <!– Uses a client-side application to trigger a server-side action                         –>
         <!–   Echo - displays a message echoed from the server                                     –>
         <!–   URL  - launches a URL via the Windows shell                                          –>
         <!–   CmdLine - launches the Notepad application                                           –>
         <!–   CheckInOut - checks files in/out, drag and drop files onto the application           –>
         <!–   JavaScript - run a server-side script                                                –>
         <!–   JavaScriptURL - server-side script that generates a URL to the folder using a ticket –>
         <!–                   to avoid having to logon                                             –>

<!–
         <desktopActions>
            <global>
                    <path>alfresco/desktop/Alfresco.exe</path>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </global>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.EchoDesktopAction</class>
               <name>Echo</name>
                 <filename>__AlfrescoEcho.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.URLDesktopAction</class>
               <name>URL</name>
                 <filename>__AlfrescoURL.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.CmdLineDesktopAction</class>
               <name>CmdLine</name>
                 <filename>__AlfrescoCmd.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.CheckInOutDesktopAction</class>
               <name>CheckInOut</name>
                 <filename>__AlfrescoCheckInOut.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.JavaScriptDesktopAction</class>
               <name>JavaScript</name>
               <filename>__AlfrescoScript.exe</filename>
               <script>alfresco/desktop/dumpRequest.js</script>
               <attributes>anyFiles, multiplePaths , allowNoParams</attributes>
               <preprocess>confirm, copyToTarget</preprocess>
            </action>
            <action>
               <class>org.alfresco.filesys.smb.server.repo.desk.JavaScriptDesktopAction</class>
               <name>JavaScriptURL</name>
               <filename>__AlfrescoDetails.exe</filename>
               <script>alfresco/desktop/showDetails.js</script>
               <attributes>anyFiles</attributes>
               <preprocess>copyToTarget</preprocess>
            </action>

         </desktopActions>
–>         
                   
<!–
            <accessControl default="Write">
               <user name="admin" access="Write"/>
               <address subnet="90.1.0.0" mask="255.255.0.0" access="Write"/>
            </accessControl>
–>
         </filesystem>
       
       <!– AVM virtualization view of all stores/versions for WCM –>
         <avmfilesystem name="AVM">
            <virtualView/>
         </avmfilesystem>
       
      </filesystems>
   </config>

   <config evaluator="string-compare" condition="Filesystem Security">
   
    <!– we use NTLM, so we need alfreosco authenticator –>
    <authenticator type="alfresco"/>
    
    <!–
      <authenticator type="enterprise">
      </authenticator>
   –>
   
<!–
      <globalAccessControl default="None">
         <user name="admin" access="Write"/>
         <address ip="90.1.0.90" access="Write"/>
      </globalAccessControl>

      <users>
         <localuser name="user">
            <password>user</password>
            <comment>Normal user account</comment>
         </localuser>
   
         <localuser name="administrator">
            <password>admin</password>
            <administrator/>
            <comment>Administrator account</comment>
         </localuser>
      </users>
–>
   </config>


</alfresco-config>

ntlm-authentication-context.xml


<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <bean id="authenticationDao" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />

    <!– The authentication component.                                      –>

    <!– Use the passthru authentication component to authenticate using    –>
    <!– user accounts on one or more Windows servers.                      –>
   
    <!– Properties that specify the server(s) to use for passthru          –>
    <!– authentication :-                                                  –>
    <!–   useLocalServer   use the local server for authentication         –>
    <!–   domain           use domain controllers from the specified domain–>
    <!–   servers          comma delimted list of server addresses or      –>
    <!–                    names                                           –>
      
    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <!–  RVY: comment out this in case of remote server
        <property name="useLocalServer">
            <value>true</value>
        </property>
        –>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionComponent" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
       
       
         <!– Name of the windows domain \ domain controller hostname or ip –>
       <property name="servers">
            <value>10.10.21.128</value>
       </property>
   
           
    </bean>
   
</beans>

hvyas
Champ in-the-making
Champ in-the-making
I succesfully use "alfresco" authenticator with NTLM an AD, using version 2.2.dev.

What SVN revision you build for 2.2 dev version?

karakartal
Champ in-the-making
Champ in-the-making
This seems to be pre 2.2 installation because it would complain about wrong CIFS authentication configuration etc.

mikeh
Star Contributor
Star Contributor
If it's the version I think it is, you should update it before going much further. Did you grab this build just before Christmas?

Version 2.2 dev is actually a very early v2.9 (before the version numbers changed).

Mike

hvyas
Champ in-the-making
Champ in-the-making
If it's the version I think it is, you should update it before going much further. Did you grab this build just before Christmas?

Version 2.2 dev is actually a very early v2.9 (before the version numbers changed).

Mike


Mike,

           What SVN revision number should we build for stable community 2.1.X or 2.2.x series?  Your answer would be appreciated.