linuxx

We use DFS exclusively with our internal file shares. Since our company has started a global initiative with our partners, and international facilities, we found more of a need to deploy something to give access to our corporate DFS tree from anywhere in the world. When we found OpenVPN-ALS (Adito) on a episode of Hak5, we were excited about the opportunities it would open. OpenVPN installed seamlessly in a VMware Ubuntu box without trouble. It was very easy to integrate with our Active Directory. We ran into the first SNAFU with DFS. Every time we would hit a DFS leaf that was supposed to transverse to another file server we would receive the following error... ERROR FileSystemViewDispatchAction - File system error:org.apache.commons.vfs.FileSystemException: Could not list the contents of folder "smb://user:********@fileserver.domain.local/root/Accounting/yadda/yadda". at org.apache.commons.vfs.provider.AbstractFileObject.getChildren(AbstractFileObject.java:552) at com.adito.networkplaces.NetworkPlaceVFSResource.getChildren(NetworkPlaceVFSResource.java:86) at com.adito.networkplaces.actions.FileSystemViewDispatchAction.buildModel(FileSystemViewDispatchAction.java:470) at com.adito.networkplaces.actions.FileSystemViewDispatchAction.list(FileSystemViewDispatchAction.java:413) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274) at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194) at com.adito.core.actions.DefaultDispatchAction.execute(DefaultDispatchAction.java:42) at com.adito.core.actions.AuthenticatedDispatchAction.execute(AuthenticatedDispatchAction.java:196) at com.adito.core.actions.AbstractPopupAuthenticatedDispatchAction.execute(AbstractPopupAuthenticatedDispatchAction.java:87) at com.adito.networkplaces.actions.FileSystemViewDispatchAction.execute(FileSystemViewDispatchAction.java:138) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419) at com.adito.core.CoreRequestProcessor.processActionPerform(CoreRequestProcessor.java:198) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224) at com.adito.core.CoreRequestProcessor.process(CoreRequestProcessor.java:129) at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414) at javax.servlet.http.HttpServlet.service(HttpServlet.java:594) at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:426) at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:831) at com.adito.core.filters.CompressionFilter.doFilter(CompressionFilter.java:79) at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:822) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:472) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:555) at org.mortbay.http.HttpContext.handle(HttpContext.java:1562) at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:622) at org.mortbay.http.HttpContext.handle(HttpContext.java:1514) at org.mortbay.http.HttpServer.service(HttpServer.java:955) at org.mortbay.http.HttpConnection.service(HttpConnection.java:813) at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:980) at org.mortbay.http.HttpConnection.handle(HttpConnection.java:830) at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:243) at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:356) at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:533) Caused by: jcifs.smb.SmbException: The system cannot find the path specified. at jcifs.smb.SmbTransport.checkStatus(SmbTransport.java:510) at jcifs.smb.SmbTransport.send(SmbTransport.java:587) at jcifs.smb.SmbSession.send(SmbSession.java:231) at jcifs.smb.SmbTree.send(SmbTree.java:102) at jcifs.smb.SmbFile.send(SmbFile.java:689) at jcifs.smb.SmbFile.doFindFirstNext(SmbFile.java:1698) at jcifs.smb.SmbFile.list(SmbFile.java:1563) at jcifs.smb.SmbFile.list(SmbFile.java:1455) at org.apache.commons.vfs.provider.smb.SmbFileObject.doListChildren(SmbFileObject.java:126) at org.apache.commons.vfs.provider.AbstractFileObject.getChildren(AbstractFileObject.java:548) Through some searching I found that this error was a bug in the older version of jcifs. I searched around and found that adito-0.9.1 used jcifs v1.2.13 (please correct me if I am wrong). The bug with DFS was corrected with jcifs v1.2.24. When you go to the jcifs website, they have a downloadable version of 1.2.25. So I used the following steps to patch our OpenVPN-ALS (we installed it in /opt/adito-0.9.1/) cd /opt/adito-0.9.1/webapp/WEB-INF/lib/ mv adito-jcifs.jar adito-jcifs.jar.backup wget http://jcifs.samba.org/src/jcifs-1.2.25.jar mv jcifs-1.2.25.jar adito-jcifs.jar Then bounce OpenVPN-ALS and DFS should work. **EDIT** I still had issues with DFS after this patch. Here was my log... [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. [main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file. After further discovery I found that I needed a newer version of jcifs. I tried jcifs-1.3.12.jar, but when I would open the "Network Place" it would prompt me for credentials. I tried DOMAIN\username, username@domain.local, etc without luck. Then I noticed jcifs-krb5-1.3.12.jar in http://jcifs.samba.org/src/. I downloaded that, renamed it adito-jcifs.jar and tried again. I was prompted for credentials again, but this time DOMAIN\username worked. So I changed the network place username to DOMAIN\${session:username}. Now it works without any problems. **New Steps** cd /opt/adito-0.9.1/webapp/WEB-INF/lib/ mv adito-jcifs.jar adito-jcifs.jar.backup wget http://jcifs.samba.org/src/jcifs-krb5-1.3.12.jar mv jcifs-krb5-1.3.12.jar adito-jcifs.jar Linuxx