AnsweredAssumed Answered

5.0.d - CIFS SMB Exception - passthru and ldap  properties included

Question asked by dataman on Jun 19, 2015
Latest reply on Jun 22, 2015 by dataman
Trying to get CIFs working.
Version: 5.0.d


Note I did remove sections that contained passwords and other things we really don't want leaving here.

LDAP authentication seems to work just fine in the web portal. I have done the Local settings in windows change to allow NTLM following the guide here http://docs.alfresco.com/4.0/tasks/troubleshoot-ntlm.html

After I attempt the logon I recieve that my network password is incorrect (Same credentials I use to successfully log into the web portal with and without the domain prefix)

I turned on debugging logging by going to \tomcat\webapps\alfresco\web-inf\classes\log4j.properties and set the root logger to
log4j.rootLogger=debug, Console, File to allow extra logs

The only logs I recieve about SMB are here:
2015-06-19 15:47:05,757 ERROR [org.alfresco.filesys.auth.cifs.PassthruCifsAuthenticator] [AlfJLANWorker25] org.alfresco.jlan.smb.SMBException: Invalid parameter
2015-06-19 15:47:05,772 ERROR [org.alfresco.filesys.auth.cifs.PassthruCifsAuthenticator] [AlfJLANWorker2] org.alfresco.jlan.smb.SMBException: Invalid parameter

Am I missing something obvious?


Error Logs:


###############################
## Common Alfresco Properties #
###############################


# The server mode. Set value here
# UNKNOWN | TEST | BACKUP | PRODUCTION
system.serverMode=UNKNOWN




### E-mail site invitation setting ###
notification.email.siteinvite=false


### Solr indexing ###
index.subsystem.name=solr4
dir.keystore=${dir.root}/keystore
solr.port.ssl=8443

### BPM Engine ###
system.workflow.engine.jbpm.enabled=false

### Allow extended ResultSet processing
security.anyDenyDenies=false

mail.host=mailrelay
mail.port=25
mail.username=
mail.password=
mail.encoding=UTF-8
mail.from.default=noreply@noone.com
mail.smtp.auth=false

mail.testmessage.text=The Outbound SMTP email subsystem is working.

### CIFS/SMB Server Configuration ###
cifs.enabled=true
cifs.domain=ld.local
cifs.serverName=${localname}a
cifs.hostannounce=true

#CIFS with LDAP We have to use passthru for CIFS due to limitations in how cifs has to authenticate
ntlm.authentication.authenticateCIFS=false
ntlm.authentication.sso.enabled=false #Must be disabled to allow chained password-based login


#ntlm.authentication.mapUnknownUserToGuest=false

alfresco.authentication.authenticateCIFS=false
#alfresco.authentication.allowGuestLogin=false


passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.guestAccess=false
passthru.authentication.defaultAdministratorUserNames=supersecretusername
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
passthru.authentication.servers=LD\\123.12.12.12
passthru.authentication.authenticateCIFS=true
passthru.authentication.offlineCheckInterval=300

#LDAP authentication
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@ld.local
ldap.authentication.java.naming.provider.url=ldap://ld.local:389
ldap.authentication.defaultAdministratorUserNames=secretusername
ldap.authentication.active=false
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=CN\=alfresco,OU\=ServiceAccounts, (TRUNCATED)
ldap.synchronization.java.naming.security.credentials=superdupersecret
ldap.synchronization.groupSearchBase=OU\=Groups,(TRUNCATED)
ldap.synchronization.userSearchBase=OU\=Users,(TRUNCATED)


authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap1:ldap
ntlm.authentication.sso.enabled=false

Outcomes