We use DFS exclusively with our internal file shares. Since our company has started a global initiative with our partners, and international facilities, we found more of a need to deploy something to give access to our corporate DFS tree from anywhere in the world. When we found OpenVPN-ALS (Adito) on a episode of Hak5, we were excited about the opportunities it would open. OpenVPN installed seamlessly in a VMware Ubuntu box without trouble. It was very easy to integrate with our Active Directory. We ran into the first SNAFU with DFS. Every time we would hit a DFS leaf that was supposed to transverse to another file server we would receive the following error...
ERROR FileSystemViewDispatchAction - File system error:org.apache.commons.vfs.FileSystemException: Could not list the contents of folder "smb://user:********@fileserver.domain.local/root/Accounting/yadda/yadda".
at org.apache.commons.vfs.provider.AbstractFileObject.getChildren(AbstractFileObject.java:552)
at com.adito.networkplaces.NetworkPlaceVFSResource.getChildren(NetworkPlaceVFSResource.java:86)
at com.adito.networkplaces.actions.FileSystemViewDispatchAction.buildModel(FileSystemViewDispatchAction.java:470)
at com.adito.networkplaces.actions.FileSystemViewDispatchAction.list(FileSystemViewDispatchAction.java:413)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274)
at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194)
at com.adito.core.actions.DefaultDispatchAction.execute(DefaultDispatchAction.java:42)
at com.adito.core.actions.AuthenticatedDispatchAction.execute(AuthenticatedDispatchAction.java:196)
at com.adito.core.actions.AbstractPopupAuthenticatedDispatchAction.execute(AbstractPopupAuthenticatedDispatchAction.java:87)
at com.adito.networkplaces.actions.FileSystemViewDispatchAction.execute(FileSystemViewDispatchAction.java:138)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
at com.adito.core.CoreRequestProcessor.processActionPerform(CoreRequestProcessor.java:198)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
at com.adito.core.CoreRequestProcessor.process(CoreRequestProcessor.java:129)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:594)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:426)
at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:831)
at com.adito.core.filters.CompressionFilter.doFilter(CompressionFilter.java:79)
at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:822)
at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:472)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:555)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1562)
at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:622)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1514)
at org.mortbay.http.HttpServer.service(HttpServer.java:955)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:813)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:980)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:830)
at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:243)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:356)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:533)
Caused by: jcifs.smb.SmbException: The system cannot find the path specified.
at jcifs.smb.SmbTransport.checkStatus(SmbTransport.java:510)
at jcifs.smb.SmbTransport.send(SmbTransport.java:587)
at jcifs.smb.SmbSession.send(SmbSession.java:231)
at jcifs.smb.SmbTree.send(SmbTree.java:102)
at jcifs.smb.SmbFile.send(SmbFile.java:689)
at jcifs.smb.SmbFile.doFindFirstNext(SmbFile.java:1698)
at jcifs.smb.SmbFile.list(SmbFile.java:1563)
at jcifs.smb.SmbFile.list(SmbFile.java:1455)
at org.apache.commons.vfs.provider.smb.SmbFileObject.doListChildren(SmbFileObject.java:126)
at org.apache.commons.vfs.provider.AbstractFileObject.getChildren(AbstractFileObject.java:548)
Through some searching I found that this error was a bug in the older version of jcifs. I searched around and found that adito-0.9.1 used jcifs v1.2.13 (please correct me if I am wrong). The bug with DFS was corrected with jcifs v1.2.24. When you go to the jcifs website, they have a downloadable version of 1.2.25. So I used the following steps to patch our OpenVPN-ALS (we installed it in /opt/adito-0.9.1/)
cd /opt/adito-0.9.1/webapp/WEB-INF/lib/
mv adito-jcifs.jar adito-jcifs.jar.backup
wget http://jcifs.samba.org/src/jcifs-1.2.25.jar
mv jcifs-1.2.25.jar adito-jcifs.jar
Then bounce OpenVPN-ALS and DFS should work.
**EDIT**
I still had issues with DFS after this patch. Here was my log...
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
After further discovery I found that I needed a newer version of jcifs. I tried jcifs-1.3.12.jar, but when I would open the "Network Place" it would prompt me for credentials. I tried DOMAIN\username, username@domain.local, etc without luck. Then I noticed jcifs-krb5-1.3.12.jar in http://jcifs.samba.org/src/. I downloaded that, renamed it adito-jcifs.jar and tried again. I was prompted for credentials again, but this time DOMAIN\username worked. So I changed the network place username to DOMAIN\${session:username}. Now it works without any problems.
**New Steps**
cd /opt/adito-0.9.1/webapp/WEB-INF/lib/
mv adito-jcifs.jar adito-jcifs.jar.backup
wget http://jcifs.samba.org/src/jcifs-krb5-1.3.12.jar
mv jcifs-krb5-1.3.12.jar adito-jcifs.jar
Linuxx