AnsweredAssumed Answered

Error Alfresco CE 4.2.a and Active Directory (Samba 4)

Question asked by mf_in_ffm on Oct 15, 2012
Latest reply on Nov 1, 2012 by mf_in_ffm
Hi,

I've just installed 4.2.a CE and so far it's up and running.
(CentOS 6.3, MariaDB 5.5.27, SSL-Reverse Proxy Nginx 1.2.4)

Next I've tried authentication with AD Samba4.
I just copied my the configuration from a 4.0.e installation, which has been working.

Configuration
-> Tomcat/shared/classes/alfresco/extension/subsystems/Authentication/kerberos/kerberos_s4
kerberos-authentication.properties

kerberos.authentication.realm=FRITZ.BOX
kerberos.authentication.authenticateCIFS=false
kerberos.authentication.user.configEntryName=Alfresco
kerberos.authentication.cifs.configEntryName=AlfrescoCIFS
kerberos.authentication.cifs.password= <- password
kerberos.authentication.http.configEntryName=AlfrescoHTTP
kerberos.authentication.http.password= <- password
kerberos.authentication.defaultAdministratorsUserNames=username

### Some logging
log4j.logger.org.alfresco.web.app.servlet.KerberosAuthenticationFilter=debug
log4j.logger.org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter=debug

kerberos-filter.properties

#kerberos.authentication.http.configEntryName=AlfrescoHTTP
#kerberos.authentication.http.password=secret
kerberos.authentication.sso.enabled=false
kerberos.authentication.browser.ticketLogons=false

alfresco-global.properties snippet

authentication.chain=kerberos_s4:kerberos,alfrescoNtlm1:alfrescoNtlm

java.login.conf as described here http://docs.alfresco.com/4.1/topic/com.alfresco.enterprise.doc/tasks/auth-kerberos-ADconfig.html

During startup there is an entry in catalina.out


2012-10-15 08:04:36,157  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'fileServers' subsystem, ID: [fileServers, default]
2012-10-15 08:04:37,562  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, kerberos_s4]
2012-10-15 08:04:37,734  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, kerberos_s4] complete
2012-10-15 08:04:37,734  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Starting 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1]
2012-10-15 08:04:37,885  INFO  [management.subsystems.ChildApplicationContextFactory] [localhost-startStop-1] Startup of 'Authentication' subsystem, ID: [Authentication, managed, alfrescoNtlm1] complete
2012-10-15 08:04:42,912  WARN  [org.alfresco.fileserver] [localhost-startStop-1] CIFS, Unable to get local domain/workgroup name, using default of WORKGROUP. This may be due to firewall settings or incorrect <broadcast> setting)


So I think authentication is up an running.

Each time when I try to login with username and password I got a message that the remote server can't be reached or that the credentials are incorrect.
I can't find any login entry in catalina.out, alfresco.log, share.log.

By the time I have no idea what's wrong.
So any help pointing me in the right direction would be appreciated.

Regards

Sebastian Mißfeldt

Outcomes