Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NIC dedicated to CIFS Fileserver

unknown-user
Champ on-the-rise
Champ on-the-rise

‎03-04-2014 10:00 PM

Hi

I have installed Alfresco Community 4.2e on Ubuntu 13.04 and added a second NIC to allow access to Alfresco share(s) without interfering with the native Samba installation. I have not seen this approach mentioned anywhere and I would be happy to write a wiki article on how this was configured and insights gained. I will proceed if there is any interest.

I am using a Windows SBS 2011 Essentials server for kerboros authentication and Active Directory user synchronization. However, CIFS authentication by kerboros failed, so I fell back to using AlfrescoNltm CIFS authentication. I successfully set up a subnet for the CIFS Fileserver and worked out how to arrange the routing so users can reach the subnet via the server acting as a router.

The main insight gained is that even though Samba and Alfresco have "bindTo" interface configurations, this does not mean both interfaces will operate successfully using the default ports at the same time. For example, Samba listens on ports 137 and 138 using of global 0.0.0.0 address, so this precludes Alfresco using these ports. Alfresco also refused to use the default faults if in use, even if by the non-bindTo interface. I reassigned the Alfresco ports and updated the iptables for the required port redirection. It took a while to work out how to configure the iptables for 2 interfaces!


Labels:
0 Kudos
1 REPLY 1

andrew_bowley
Champ in-the-making
Champ in-the-making

‎03-09-2014 03:13 AM

I would like to identify myself as the "anonymous" poster (registration problem).
I have completed a second installation of Alfresco Community 4.2e with a 2nd NIC, this time on Windows 8. I applied the same alfresco-global.properties customisation as used on Ubuntu as a starting point and got it running after having to meet some challenges which I will describe briefly.

1. Windows Kerberos. I downloaded and installed kfw-4.0.1-amd64.msi from the MIT site. This installed an empty krb5.ini configuration file in C:\ProgramData\MIT\Kerberos5. I added sections "libdefaults", "realms" and "domain_realm" and applied the same customisations to these as I did for Ubuntu. Tomcat needed a command-line parameter to tell it where to find the Kerberos config file: -Djava.security.krb5.conf=%PROGRAMDATA%//MIT//Kerberos5//krb5.ini
2. To get CIFS to run, I had to follow the Wiki instructions for getting Alfresco to use Java sockets - hint cifs.disableNativeCode=true
I also reallocated CIFS port 445 to 1445 to prevent a "port already in use" fatal error. Currently, I can only access the Alfresco CIFS filesystem from Linux smbclient, but I do have access to the FTP server from Windows clients (Kerberos authentication works for FTP).
3. Other command-line parameters added to prevent out of memory errors and SMTP connection errors: -XX:MaxPermSize=256M -Xss1024K -Xms1G -Xmx2G -Djava.net.preferIPv4Stack=true

Update: I successfully accessed the Alfresco CIFS filesystem from Windows 7 by using the Ubuntu server as a router. I configured the iptables to perfrom port redirection. The goal of having concurrent access to both Alfresco and Windows shares by means of a 2nd NIC has been achieved.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC