AnsweredAssumed Answered

LDAP and CIFS Error - cant disable please help

Question asked by troga on Mar 6, 2009
Latest reply on Mar 9, 2009 by troga
Hi Community

We just installed latest Alfresco Community Edition and tried Alfresco with LDAP (MS Active Directory) Integration.

We just changed the ldap-authentication.properties and renamed the ldap-authentication-context.xml.sample to "ldap-authentication-context.xml"
but when we start we get this error and Alfresco is not running:

11:18:27,943 ERROR [org.alfresco.smb.protocol.auth] No valid CIFS authentication combination available
11:18:27,943 ERROR [org.alfresco.smb.protocol.auth] Either enable Kerberos support or use an authentication component that supports MD4 hashed passwords
11:18:27,945 ERROR [org.alfresco.smb.protocol] CIFS server configuration error, Invalid CIFS authenticator configuration
org.alfresco.error.AlfrescoRuntimeException: Invalid CIFS authenticator configuration

Because we dont want to have clear or MD4 passwords, we tried to disable CIFS with the following inside the "file-servers-custom.xml"

   <config evaluator="string-compare" condition="CIFS Server" replace="true">
      <serverEnable enabled="false"/>
   </config>

But then Alfresco dont start and the only error we found was inside the tomcat logs:
SEVERE: Exception starting filter WebDAV Authentication Filter
javax.servlet.ServletException: Failed to get local server name

SEVERE: Exception starting filter WebScript NTLM Authentication Filter
javax.servlet.ServletException: Failed to get local server name


Can anybody help us, to disable CIFS OR better to make LDAP work with CIFS without using MD4 or cleartext?

Maybe we missed something in the Configuration files?


Our ldap-authentication.properties (Messagetext cuted)

ldap.authentication.userNameFormat=%s

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://ipadserver:389

# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=simple

# The default principal to use (only used for LDAP sync)
ldap.authentication.java.naming.security.principal=LDAPreadaccount

# The password for the default principal (only used for LDAP sync)
ldap.authentication.java.naming.security.credentials=ourpassword

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

Outcomes