Hyland Connect

maximus007 · ‎01-28-2010

I have seen a couple of mentions of this, but I want to start a new, clear thread in the hope that it triggers someone. I have done plenty of searching of the forums and lots of wiki reading.

I have installed Alfresco Community 3.2r2 on a clean Windows Server 2008 (x64) machine. The machine is on a domain controlled by an SBS2003 R2 machine.

So far, I have managed to get most things working - Alfresco via http, Alfresco Share, WebDAV (which suffers from the Windows Vista/7 PROPPATCH issue btw), FTP, PassThru authentication all work correctly. Unfortunately getting CIFS to has been my bugbear for at least two whole days. :?

my alfresco-global.properties contains the following entries related to CIFS (I realise a few are redundant but I am trying to make sure I haven't missed anything):

filesystem.name=Alfresco
cifs.enabled=true
cifs.servername=ALFRESCO
cifs.hostannounce=true
cifs.ipv6.enabled=disabled‍‍‍‍‍

I have followed the instructions at http://wiki.alfresco.com/wiki/File_Server_Configuration#Vista_And_Windows_2008 and blocked the requisite ports on the firewall. I have also disabled Smb2 via the specified registry key, and set the "TransportBindName" entry to blank. File & Printer Sharing is disabled on the network connection.

Despite my efforts, I cannot get the CIFS share to show up, either locally or on a remote machine.

Running netstat -a still shows port 445 as LISTENING which is apparently the expected behaviour on Windows Server 2008, hence the firewall settings.

nbstat -n shows the computer's hostname as unique, and the domain as a group, but it does not show the designated NetBT name "ALFRESCO".

Does anyone have any ideas for something to try?

PS: I have previously been able to get everything running fine on an Ubuntu 9.10 x64 virtual machine, but I need to run my production server on Windows due to our OCR software.

benswitzer · ‎01-29-2010

maximus007,

I've successfully run the last 3 community versions of Alfresco on Windows 2008.

This is what helped me:
- In the properties for the network connection, disable "File and Printer Sharing for Microsoft Networks"
- Ensure that all of the services under "Sharing and Discovery" in the Network and Sharing Center are off (Network discovery, File Sharing, etc.).

Hope this helps you.

Ben

maximus007 · ‎01-29-2010

Hi Ben,

thank you for the reply.

I have already tried (and rechecked) those two very settings. "File and Printer Sharing" is disabled on the network connection and "Sharing and Discovery" is also switched off. I still don't get the server name showing up under nbtstats.

Were you using Server 2008 R2?

Max.

rosemeyer2 · ‎02-01-2010

@maximus:
If you try to connect to your CIFS device, are you getting the username / password box or just a not found message? Are you trying to connect from the machine, where Alfresco is installed or remote?

maximus007 · ‎02-01-2010

I can't believe this - after days of installing, reinstalling, messing with settings, pulling out hair etc., I seem to have managed to get it working on the local server!

The only change I made was to disable Passthru authentication, replacing it with AlfrescoNTLM authentication.

Why won't CIFS work with Passthru?

mikeh · ‎02-01-2010

Why won't CIFS work with Passthru?

I'm no expert, but I believe this is by design (from Microsoft NTLMv2 protocols) to prevent "man in the middle" attacks. Alfresco is effectively the "man in the middle", so fall foul of this policy.

Thanks,
Mike

benswitzer · ‎02-01-2010

This also might be of some use. I changed the GPO object Network security: LAN Manager authentication level to Send LM & NTLM - use NTLMv2 session security if negotiated to ensure NTLMv1 was used over NTLMv2.

This is due to the point that Mike raises.

maximus007 · ‎02-01-2010

Thanks for your help everyone.

@MIke,
I understand the authentication/security difference between NTLMv2 and v1, but why would this also be responsible for preventing the NetBios name from resolving? As I said in my original post, I had WebDAV, Share and Explorer all working perfectly with Passthru authentication. In other words, before changing the authentication method, the filesystem.servername would not show up in nbtstat, now it shows as expected.

@BenSwitzer,
I was already using that GPO setting on the computers connecting to the server, and where it hadn't been changed, the log displayed the fact that the client didn't support NTLMv1. With my original settings, it didn't even register a "hit" when trying to access Alfresco via CIFS.

mpierce · ‎03-23-2010

I'm posting my problem with CIFS on this thread since it seems to most accurately describe my current situation, except I haven't changed any other defaults yet (i.e. authentication is still AlfrescoNTLM). I have a brand new server with Windows 2008 R2 installed, bought primarily for the purpose of using Alfresco's records management module, since a trial run on an older XP machine convinced me it was what we needed.

Alfresco installs fine, but I cannot see a CIFS server anywhere no matter what I try. I've followed the troubleshooting tips for disabling native SMB to no avail. Windows Firewall with Advanced Security is set to disable SMB-In. File and Printer Sharing is disabled for the connection. I've added an Smb2 entry with a value of zero in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters. I've tried unbinding all devices from SMB by deleting the value of TransportBindName in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters. I've also tried adding an SMBDeviceEnabled entry in the same place and setting it to zero just in case.

Mapping a network drive (HostnameA) yields a "network path not found" error. nbtstat -n shows nothing but my computer and workgroup. And somehow, probably from fiddling with the registry settings mentioned above, nbtstat won't even run anymore ("Failed to access NetBT driver"). My connection is set to enable NetBIOS over TCP/IP. alfresco-global.properties and other config files are at the default from a windows install of 3.2r2.

Any ideas or help would be greatly appreciated!

mpierce · ‎03-25-2010

I'm completely stumped; there just doesn't seem to be anything there! I've tried everything i can think of, using a lmhosts entry to get explorer to recognize something but there's no ip address i can use that makes any sense and log on doesn't do anything. I've reinstalled alfresco, the os. no errors in the log, i can get to explore and share just fine. port 445 is "LISTENING" but from above that's why the firewall rules need to be disabled?

would it help if i tried using the java-based netbt over tcp/ip? or the java-based smb over tcp? not sure if i'm totally clear how to do either but it might be worth a try.

Any help? suggestions? please??

Hyland Connect

Setting Up CIFS on Windows Server 2008 R2