Hyland Connect

jonno70 · ‎09-07-2015

Hi

I am looking for some help with this..

I have a pretty basic Alfresco community installation and I am trying to get the authentication sorted out.

Environment
Alfresco: Community 5.0d
Server: Ubuntu 14.04 LTS
AD Server: Windows 2012
Clients: Windows 7
iPad with Alfresco mobile app version 2.1.2
network: LAN - without proxy or anything clever

Outcome
CIFS drive mapping on Windows 7 desktop
NTLM SSO for web client - and in particular to use the sharepoint protocol to allow edit online, etc.
Alfresco mobile app - to access the repository

Current status
With the settings below - the Windows clients are working as desired…
Mobile app will no connect

I have turned on DEBUG in CMIS in ./tomcat/webapps/alfresco/WEB-INF/classes/log4j.properties
And get the error in the alfresco.log file below.

If I undo the NTLM and SSO changes then the mobile client works - and o the desktop doesn’t do SSO and the edit online doesn't work.

I am pretty new to Alfresco so any help and guidance will be greatly appreciated.

I installed the opencmis workbench to make testing a little easier - and have the same error when connect from that.

thanks, Jon

alfresco-global.properties


### passthru authentication ###
authentication.chain=passthru1:passthru,alfrescoNtlm1:alfrescoNtlm
# authentication.chain=passthru1:passthru

ntlm.authentication.sso.enabled=true

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=JONNO\\jonno-ad01.jonno.org,jonno-ad01.jonno.org
passthru.authentication.authenticateCIFS=true
passthru.authentication.guestAccess=false
passthru.authentication.protocolOrder=TCPIP,NETBIOS
passthru.authentication.defaultAdministratorUserNames=jon,administrator
alfresco.authentication.authenticateCIFS=false
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

alfresco.log


2015-09-07 13:10:03,836 DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-2] NTLM blob not handled, redirecting to login page.
2015-09-07 13:10:03,837 DEBUG [org.alfresco.web.app.servlet.NTLMAuthenticationFilter] [http-apr-8080-exec-2] restartLoginChallenge…
‍‍‍‍

jonno70 · ‎09-08-2015

I have tested the configuration against Community 5.0.c and found that release works with the configuration I have used….
Therefore I have raised a JIRA issue (hope I did it right)

I also tested against the Early Access release of 5.1 - 201508, and the issue is in that build as well….

cheers, Jon

gnyce · ‎09-22-2015

I would have thought that this was incorrect (at least, I have it differently). Having said that, if you have both domain and server (as I do), it's not clear to me which Alfresco will use. I've seen it mentioned that using the "servers" (with hostname/IP) is preferred/more reliable than "domain", but as I have two different domains with different accounts, having both (currently) seems to work. ALso, for what it is worth, in the auth chain, I have alfrescoNTLM first, with passthru 2nd (and ldap 3rd).

You:
passthru.authentication.domain=

passthru.authentication.servers=JONNO\\jonno-ad01.jonno.org,jonno-ad01.jonno.org

Me:
passthru.authentication.domain=JONNO\\jonno-ad01.jonno.org,jonno-ad01.jonno.org

passthru.authentication.servers=192.168.1.1,any-other-ip-address

landjet · ‎11-02-2015

I have a same problem !
have you found the solution ?

pingus · ‎07-22-2017

Same problem here. Version 201704 NTLM authentication only. As soon as I enable SSO I'm not able to login to the mobile app.

Hyland Connect

Passthru, NTLM, SSO and Mobile