Can't access via Webdav

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
mojo-jojo
Member II

Can't access via Webdav

I installed the Alfresco 1.1.2 - Tomcat bundle on a linux server.  The web client works fine.  I am unable to get webdav or CIFS access to work though.

When I try to access is through the URL
http://server:8080/alfresco/webdav

I get a 500 HTTP error and I also have the following error in the Alfresco log.
14:57:32,019 ERROR [alfresco.webdav.protocol] No root node for request

I've tried all the suggestions that I could find on this message board.  Including adding my windows domain name to file-servers.xml.

The server I have alfresco installed on is also running samba for file sharing.    I turned it off while trying to get webdav to work.  Could this be cause of my headaches?

Is there something I am missing? Thanks in advance.
13 Replies
gary_spencer
Member II

Re: Can't access via Webdav

Hi,

Could you email me your alfresco.log file.

Cheers

Gary
mojo-jojo
Member II

Re: Can't access via Webdav

I was able to get webdav to work this morning. Samba was not shutting down properly which was causing the problems I was having.  But I am still unable to access via CIFS.

I know that name resolution is not the problem because I receive a prompt when trying to access the CIFS share.  But when I enter my alfresco username and password it just displays the prompt again.

So far I've tried entering the address of my WINS server into the file-servers.xml configuration file as well as my domain name.  This hasn't helped at all.

I do receive this error in the log though.

14:59:24,579 ERROR [org.alfresco.smb.protocol] Closing session due to exception
org.alfresco.filesys.netbios.NetBIOSException: NBREQ Called name is not this server (JOJO)
        at org.alfresco.filesys.smb.server.SMBSrvSession.procNetBIOSSessionRequest(SMBSrvSession.java:1019)
        at org.alfresco.filesys.smb.server.SMBSrvSession.run(SMBSrvSession.java:1533)
        at java.lang.Thread.run(Thread.java:595)


I've tried using the name JOJO_A and JOJO to access the share.  I even tried setting the host name to ${localname} and that didn't help.


What steps do I need to take in order for CIFS to work on a Linux server?  Should I keep samba turned off? Thanks.
gary_spencer
Member II

Re: Can't access via Webdav

Hi,

Samba should be turned off, although it is possible to run Samba and the Alfresco CIFS server at the same time it's easier to switch it off for now.

Try accessing the CIFS server using the IP address of the server in the UNC path, ie. \\n.n.n.n, via the Windows Start->Run menu.

Use the admin/admin username and password when prompted for the logon details when accessing the CIFS server. This can take a few attempts to be accepted, this is a problem I'm looking into.

Check if the broadcast mask setting is correct, the default value of 255.255.255.255 does not always work under linux.

Check the linux firewall settings, check that the Samba service/CIFS access is allowed.

Cheers

Gary
mojo-jojo
Member II

Re: Can't access via Webdav

I tried accessing the CIFS server by using the IP and I receive a logon prompt.  I enter the admin/admin username and password many times but it still doesn't let me in.

The machine I am trying to access it from is running WinXP Pro and is part of a 2003 domain.  So, everytime the login prompt pops up it adds the domain name to the username that I typed last ( DOMAIN_NAME/admin, which redirects authentication to my PDC). So I kept deleting that and replacing it with "admin" but it still didn't work.

If I remove the domain="" from the file-servers.xml config file and restart alfresco I don't even get a response when I try to access CIFS via ip (network path not found).

I also reconfigured the broadcast mask to the correct value but that didn't help either.  The firewall has been turned off the whole time.

Thanks.
gary_spencer
Member II

Re: Can't access via Webdav

Hi,

Can you check if the Windows client has any connections to the Alfresco CIFS server using 'net use'. If there are any connections delete them using 'net use \\server\share /d'. The IPC$ connection can cause some problems.

It sounds like the authentication requests are going to the Alfresco CIFS server, it would be worth switching on authentication debug by adding the line :-

log4j.logger.org.alfresco.smb.protocol.auth=debug

to the log4j.properties file in the WEB-INF/classes folder under the webapp.

Cheers

Gary
mojo-jojo
Member II

Re: Can't access via Webdav

This is what shows up in the log

18:43:18,398 DEBUG [org.alfresco.smb.protocol] Server session started
18:43:18,405 DEBUG [org.alfresco.smb.protocol] NT Session setup from user=admin, password=1698b5f713ea78565b090d3704c43513010100000000000004ac73574821c601b5b
eba15bf09cc3900000000020002004d000100020045000000000000000000, ANSIpwd=82668a458c9684d459866cc5b1cbe156b5beba15bf09cc39, domain=NTDOMAIN, os=Windows 2002 Service Pack 2 2600, VC=0, maxBuf=61440, maxMpx=4
18:43:18,405 DEBUG [org.alfresco.smb.protocol]   MID=8, UID=0, PID=65279
18:43:18,442 DEBUG [org.alfresco.smb.protocol.auth] Authenticated user admin sts=BadPassword via MD4
18:43:18,443 DEBUG [org.alfresco.smb.protocol] User admin, access denied
where NTDOMAIN is my Windows Domain Name

It looks like it is still trying to authenticate against the Active Directory causing the access denied message. Is there a way to prevent this from happening?
gary_spencer
Member II

Re: Can't access via Webdav

Hi,

The NTLM hashed password that the client has sent is longer than the normal NTLM1 hash would be so I suspect it's sent an NTLM2 hashed password or security blob. The strange thing is that it has also sent the weaker LanMan hashed password.

The current code only checks the NTLM hash, I'm looking into whether it's possible to fallback to checking the LanMan hash.

Cheers

Gary
mojo-jojo
Member II

Re: Can't access via Webdav

Thanks for the follow up  Smiley Very Happy


I currently have "Network security: Lan Manager authentication level" set to

Send NTLMv2 response only/refuse LM

Description:
Clients use NTLMv2 authentication only and use NTLMv2 session security if the server supports it. Domain controllers refuse LM and accept only NTLM and NTLMv2 authentication).

I really don't want to change this setting if I don't have to.  Are you planning on adding support for NTLMv2 anytime soon?
gary_spencer
Member II

Re: Can't access via Webdav

Hi,

NTLM2 support is something that needs to be researched. I don't think it's just a case of better encryption, I think there may be some shared secret between the client and domain controller which would require the Alfresco CIFS server joining the domain.

Cheers

Gary