AnsweredAssumed Answered

Alfresco 3.4.d and Win server 2008 R2 - a neverending story

Question asked by icarrara on Jun 3, 2011
Latest reply on Jun 3, 2011 by icarrara
Hi all,

I'm trying to install Alfresco 3.4.d on a Windows server 2008 R2 machine, to use SSO and CIFS… without success.
Of course, I'm able to log in via Web client (http://localhost:8080/alfresco/faces/jsp/login.jsp), Share, FTP, WebDAv BUT it is impossible to use CIFS and SSO.

I used the below steps - please, someone can help me ?

Thank you in advance !

Ivano C.

1) I'm using Alfresco community 3.4.d on Windows server 2008 R2 64 bit


2) Alfresco's shared properties:

#
# The default authentication chain
#————-
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru

#
alfresco.authentication.allowGuestLogin=false
alfresco.authentication.authenticateCIFS=false

#
passthru.authentication.domain=INTRANET
passthru.authentication.defaultAdministratorUserNames=administrator

#
# CIFS
#————-
cifs.enabled=true
cifs.serverName=DOC2
cifs.domain=INTRANET
cifs.hostannounce=true
cifs.urlfile.prefix=http://doc2.<myinternetdomain>:8080/alfresco/


NOTE: The above is a configuration copied from a Windows XP Pro 32 bit machine, where I can use SSO and CIFS very well !


3) On the Windows server 2008 R2 64 bit computer, I done the below steps:


3.1) I disabled the native SMB adding the registry key "SMBDeviceEnabled"=dword:00000000 within [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters].

Value name: SMBDeviceEnabled
Value type: REG_DWORD
0 = disabled


3.2) In Windows Firewall with Advanced Security application, clicked on the Inbound Rules item in the left hand column…
Scroll down to the File and Printer Sharing rules.

I enabled the following rules: File And Printer Sharing (NB-Datagram-In), File And Printer Sharing (NB-Name-In) and File And Printer Sharing (NB-Session-In).
I disabled the File And Printer Sharing (SMB-In) rule.
I left as is the other File And Printer Sharing (…) rules


4) In Windows registry added the below REG_DWORD key in the sub tree [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters]
Add a new REG_DWORD key with the name of Smb2

Value name: Smb2
Value type: REG_DWORD
0 = to disabled SMB 2.0



5) In the following registry [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NetBT\Parameters]

Double clicked the value "TransportBindName" and deleted the default value, thus giving it a blank value.


6) I rebooted the computer.


RESULTS
=======

After rebooting, I opened a command prompt and typed "netstat -an"

On port 0.0.0.0 and  [::] there is still the process listening on TCP port 445:

TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
TCP    [::]:445               [::]:0                 LISTENING

Moreover, if I try to do the command "net use O: \\doc2\Alfresco", I obtain the below:


System error 67
Impossible to find the network name

The above, either from local machine and from other machines on the LAN.


So, I restored the option "TransportBindName" to the value "\Device\" and rebooted the computer.


Now, i can reach the SMB server but it is impossible to login via CIFS - I tryed from the local machine and from other machines on the LAN.

In the Tomcat log I get the below error:


10:33:02,608  ERROR [smb.protocol.auth] org.alfresco.jlan.smb.SMBException: Logon failure


I opened a command prompt and typed "netstat -an" - the 445 port is still listening:


TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
TCP    [::]:445               [::]:0                 LISTENING


The process is NOT listening on 127.0.0.1 and 192.168.1.21 IP address, the last is the real IP address of the computer.


TCP    127.0.0.1:  (no 445)
TCP    192.168.1.21: (no 445)


The below is the state of the UDP protocols:

UDP    0.0.0.0:123            *:*
UDP    0.0.0.0:500            *:*
UDP    0.0.0.0:3702           *:*
UDP    0.0.0.0:3702           *:*
UDP    0.0.0.0:4500           *:*
UDP    0.0.0.0:5355           *:*
UDP    0.0.0.0:55296          *:*
UDP    0.0.0.0:63277          *:*
UDP    127.0.0.1:52700        *:*
UDP    127.0.0.1:52702        *:*
UDP    127.0.0.1:65272        *:*
UDP    192.168.1.21:137       *:*
UDP    192.168.1.21:138       *:*
UDP    [::]:123               *:*
UDP    [::]:500               *:*
UDP    [::]:3702              *:*
UDP    [::]:3702              *:*
UDP    [::]:4500              *:*
UDP    [::]:5355              *:*
UDP    [::]:55296             *:*
UDP    [::]:63278             *:*

Outcomes