
LDAP and CIFS Error - can't disable, please help

troga
Champ in-the-making
Hi Community

We just installed the latest Alfresco Community Edition and tried Alfresco with LDAP (MS Active Directory) integration.

We just changed the ldap-authentication.properties and renamed the ldap-authentication-context.xml.sample to "ldap-authentication-context.xml",
but when we start, we get this error and Alfresco is not running:

11:18:27,943 ERROR [org.alfresco.smb.protocol.auth] No valid CIFS authentication combination available
11:18:27,943 ERROR [org.alfresco.smb.protocol.auth] Either enable Kerberos support or use an authentication component that supports MD4 hashed passwords
11:18:27,945 ERROR [org.alfresco.smb.protocol] CIFS server configuration error, Invalid CIFS authenticator configuration
org.alfresco.error.AlfrescoRuntimeException: Invalid CIFS authenticator configuration

Because we don't want to have clear or MD4 passwords, we tried to disable CIFS with the following inside the "file-servers-custom.xml":

   <config evaluator="string-compare" condition="CIFS Server" replace="true">
      <serverEnable enabled="false"/>
   </config>

But then Alfresco doesn't start, and the only error we found was inside the Tomcat logs:
SEVERE: Exception starting filter WebDAV Authentication Filter
javax.servlet.ServletException: Failed to get local server name

SEVERE: Exception starting filter WebScript NTLM Authentication Filter
javax.servlet.ServletException: Failed to get local server name


Can anybody help us disable CIFS or, better, make LDAP work with CIFS without using MD4 or cleartext?

Maybe we missed something in the configuration files?


Our ldap-authentication.properties (message text cut):

ldap.authentication.userNameFormat=%s

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://ipadserver:389

# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=simple

# The default principal to use (only used for LDAP sync)
ldap.authentication.java.naming.security.principal=LDAPreadaccount

# The password for the default principal (only used for LDAP sync)
ldap.authentication.java.naming.security.credentials=ourpassword

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

troga
Champ in-the-making
Just one more piece of info (maybe this is helpful for answering?):

LDAP search result against our AD:
ldapsearch -h 1XX.XX.XXX.XXX -p 389 -x -b "" -s base -LLL supportedSASLMechanisms

Result:
dn:
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: DIGEST-MD5


Has anybody disabled CIFS successfully?


Any help is welcome...
Troga