06-16-2017 09:23 AM
Greetings
Microsoft is soon disabling SMB1 in Windows (Microsoft to Disable SMBv1 in Windows Starting This Fall ).
In the light of that, does the Alfresco SMB/CIFS Server support SMB2 or SMB3? I'm especially interested in the Java based implementation which runs on non-Windows systems.
Thank you
Yves Noirjean
06-19-2017 01:10 PM
I saw that news over the weekend, and we have been discussing it is a team.
CIFS is a specific dialect of SMBv1, and so is likely to stop working when Microsoft disables their client support for it. Our implementation of CIFS is vulnerable to many of the security problems mentioned in the Microsoft blog post, and so for some time we have recommended people use WebDAV in environments where those risks are considered unacceptable.
As Axel Faust has pointed out, Alfresco has not invested in improving our SMB support since Alfresco version 4.0. That work was to improve the performance and stability of the current implementation, and we have not done the work to support newer versions of that protocol.
When we have looked at upgrading to a newer version of the SMB protocol, it is an expensive undertaking. We have instead directed our resources to other areas, such as improving WebDAV and the new SharePoint support in the AOS library.
The news from Microsoft has forced us to re-evaluate our position with SMB/CIFS. There are some new libraries we could leverage for this support, but integrating them would still be a big project. I wonder if it isn't better to end-of-life our CIFS support and recommend WebDAV for all use cases required mounting Alfresco as a shared drive.
Here is my analysis of WebDAV versus SMBv3.1.1:
Am I missing anything?
Is anyone willing to share a use case shared drives where WebDAV would not be adequate?
06-23-2017 09:32 AM
Minor correction Richard: RFC-compliant WebDAV is not provided by JLAN. JLAN is only responsible for CIFS/SMB, FTP and NFS.
06-22-2017 09:12 AM
By the way, are Linux webdav clients able to connect to the AOS's "webdav"-ish endpoint?
06-22-2017 10:31 AM
The AOS "webdav" is providing a Microsoft-corrupted variant of WebDAV and is not fully RFC-compliant. It will likely work with clients other than WIndows / Office, but there is no guarantee that weird stuff won't happen if you use it on non-Windows systems.
06-22-2017 10:36 AM
Some remarks:
- We're using CIFS intensively on most of our alfresco deployments (in a pure collaboration context, smb is used on local lan, and share interface is used remotely).
- SMB is preferred to WebDAV for performances, reliability and conflict management (in many scenarios it seems that webdav is not locking file when editing, as said above depending on webDAV client)
- SMB can be easily integrated into a DFS architecture which brings seamless file share solution and potentially High Availability.
- Alfresco is one of the rare ECM solution that is providing SMB support, and we love it !
Finally I do confirm that we love SMB support in Alfresco, and it would be a very bad news if this support was discontinued.
Vincent
06-29-2017 07:53 AM
I confirm that we are also using intensively CIFS successfully. Most of our users have no clue about the backend system behind the share drive... they just use it as other shares on their explorer.
it's fast, eays and meanful !
Losing CIFS would be a big issue for us !
Sylvain
06-23-2017 08:47 AM
Alfresco and CIFS/SMB are in a kind of love-hate relationship. At least speaking for our customers: 20 of 30 companies have choosen for Alfresco because of the CIFS implementation. On the other hand it is one of a few root sources of trouble (beside transformer framework, search, versions, retrying transaction handler, ...).
WebDAV: One of our biggest customers (>800 concurrent active users with connected drive in windows) had to switch to WebDAV/AOS since Alfresco's CIFS implementation doesn't support terminal services / SMB block tagging on the same session. It is working somehow but not perfect. There are lot's of bugs, limitations in the Windows and/or Alfresco WebDAV implementation (limitation on path length, supported characters, locking, strange behavior on delete, ...)
To make the answer short: WebDAV may be an replacement if you can live with all the limitations but scales better with hundreds or thousands of users. You may miss the active part of CIFS which is notifying a client for updates (which would make the protocol unusable on Macs: no F5 reload)
But no big change without a big chance:
One of the biggest pitfalls users face with Alfresco is the synchronous implementation of the fileserver implementation which is NOT compatible with the client OS concepts: client applications are used to delete and recreate files all the time, rename files before saving new versions etc. (well known from the shuffle mode concepts implemented in the fileserver / cifs implementation of Alfresco). I would vote for a new better implementation which works more like dropbox but in a manner of a connected drive: file actions are decoupled, recorded and consolidated based on some known events (e.g. on file close). In the mean time the file is saved on a local directory or on a server's temporary directory. We discussed this way internally years ago as an samba4 connector to replace Alfresco CIFS. This would be much more scalable and would additionally solve all the trouble outside of Alfresco. Alfresco should see only the real resulting new/changed document. Nothing else. Maybe we should start a fundraising now for this idea 😉
06-23-2017 09:35 AM
Thanks for sharing your experience and opinion. Internally, we have discussed whether the new (proprietary) Desktop Sync client isn't in fact a better way to go than the old-school Shared Drive concept.
It would be great to see someone implement a Samba 4 back-end for Alfresco proof-of-concept that we could use as a starting point for our efforts. Any volunteers?
08-13-2017 07:01 AM
Visuality Systems offers a commercial SMB stack that can be utilized here. The solution is portable and updated with the latests SMB3.1.1 dialect.
08-13-2017 02:11 PM
I bet as much as GPL3 is being marked as "nearly impossible to use" in the FAQ on their homepage, so could be the commercial license of NQE / NQ Storage for an open source product like Alfresco. On the other hand it would make it "easier" (argumentatively) for Alfresco to turn SMB support into an Enterprise-only, paid extension - which is what I gather so far might be the most likely of outcomes anyway...
08-14-2017 06:29 AM
Besides the license discussion and which smb/cifs library to use I see a big challenge in separating alfresco jlan code from the desktop shuffle file / temp file mimic to support desktop apps behavior like ms-office or adobe apps with alfresco's node and metadata model. Today this is a huge unreadable bunch of code. With other words: where to plug in any other cifs library not to get all the problems again Alfresco had (and still has) in working on a mounted drive with desktop apps? Most dms vendors implement this kind of magic code on the client side but of course could be also implemented on server side if there's no client part.
Explore our Alfresco products with the links below. Use labels to filter content by product module.