Jump to content

OpenVPN-ALS (Adito) DFS problems [FIXED]


linuxx
 Share

Recommended Posts

We use DFS exclusively with our internal file shares. Since our company has started a global initiative with our partners, and international facilities, we found more of a need to deploy something to give access to our corporate DFS tree from anywhere in the world. When we found OpenVPN-ALS (Adito) on a episode of Hak5, we were excited about the opportunities it would open. OpenVPN installed seamlessly in a VMware Ubuntu box without trouble. It was very easy to integrate with our Active Directory. We ran into the first SNAFU with DFS. Every time we would hit a DFS leaf that was supposed to transverse to another file server we would receive the following error...

ERROR FileSystemViewDispatchAction - File system error:org.apache.commons.vfs.FileSystemException: Could not list the contents of folder "smb://user:********@fileserver.domain.local/root/Accounting/yadda/yadda".
    at org.apache.commons.vfs.provider.AbstractFileObject.getChildren(AbstractFileObject.java:552)
    at com.adito.networkplaces.NetworkPlaceVFSResource.getChildren(NetworkPlaceVFSResource.java:86)
    at com.adito.networkplaces.actions.FileSystemViewDispatchAction.buildModel(FileSystemViewDispatchAction.java:470)
    at com.adito.networkplaces.actions.FileSystemViewDispatchAction.list(FileSystemViewDispatchAction.java:413)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274)
    at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194)
    at com.adito.core.actions.DefaultDispatchAction.execute(DefaultDispatchAction.java:42)
    at com.adito.core.actions.AuthenticatedDispatchAction.execute(AuthenticatedDispatchAction.java:196)
    at com.adito.core.actions.AbstractPopupAuthenticatedDispatchAction.execute(AbstractPopupAuthenticatedDispatchAction.java:87)
    at com.adito.networkplaces.actions.FileSystemViewDispatchAction.execute(FileSystemViewDispatchAction.java:138)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
    at com.adito.core.CoreRequestProcessor.processActionPerform(CoreRequestProcessor.java:198)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
    at com.adito.core.CoreRequestProcessor.process(CoreRequestProcessor.java:129)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
    at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:594)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
    at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:426)
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:831)
    at com.adito.core.filters.CompressionFilter.doFilter(CompressionFilter.java:79)
    at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:822)
    at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:472)
    at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:555)
    at org.mortbay.http.HttpContext.handle(HttpContext.java:1562)
    at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:622)
    at org.mortbay.http.HttpContext.handle(HttpContext.java:1514)
    at org.mortbay.http.HttpServer.service(HttpServer.java:955)
    at org.mortbay.http.HttpConnection.service(HttpConnection.java:813)
    at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:980)
    at org.mortbay.http.HttpConnection.handle(HttpConnection.java:830)
    at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:243)
    at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:356)
    at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:533)
Caused by: jcifs.smb.SmbException: The system cannot find the path specified.
    at jcifs.smb.SmbTransport.checkStatus(SmbTransport.java:510)
    at jcifs.smb.SmbTransport.send(SmbTransport.java:587)
    at jcifs.smb.SmbSession.send(SmbSession.java:231)
    at jcifs.smb.SmbTree.send(SmbTree.java:102)
    at jcifs.smb.SmbFile.send(SmbFile.java:689)
    at jcifs.smb.SmbFile.doFindFirstNext(SmbFile.java:1698)
    at jcifs.smb.SmbFile.list(SmbFile.java:1563)
    at jcifs.smb.SmbFile.list(SmbFile.java:1455)
    at org.apache.commons.vfs.provider.smb.SmbFileObject.doListChildren(SmbFileObject.java:126)
    at org.apache.commons.vfs.provider.AbstractFileObject.getChildren(AbstractFileObject.java:548)

Through some searching I found that this error was a bug in the older version of jcifs. I searched around and found that adito-0.9.1 used jcifs v1.2.13 (please correct me if I am wrong). The bug with DFS was corrected with jcifs v1.2.24. When you go to the jcifs website, they have a downloadable version of 1.2.25. So I used the following steps to patch our OpenVPN-ALS (we installed it in /opt/adito-0.9.1/)

cd /opt/adito-0.9.1/webapp/WEB-INF/lib/
mv adito-jcifs.jar adito-jcifs.jar.backup
wget http://jcifs.samba.org/src/jcifs-1.2.25.jar
mv jcifs-1.2.25.jar adito-jcifs.jar

Then bounce OpenVPN-ALS and DFS should work.

**EDIT**

I still had issues with DFS after this patch. Here was my log...

[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.
[main-2] INFO  FileSystemViewDispatchAction - Unable to display file ***** as it is an imaginary file.

After further discovery I found that I needed a newer version of jcifs. I tried jcifs-1.3.12.jar, but when I would open the "Network Place" it would prompt me for credentials. I tried DOMAIN\username, username@domain.local, etc without luck. Then I noticed jcifs-krb5-1.3.12.jar in http://jcifs.samba.org/src/. I downloaded that, renamed it adito-jcifs.jar and tried again. I was prompted for credentials again, but this time DOMAIN\username worked. So I changed the network place username to DOMAIN\${session:username}. Now it works without any problems.

**New Steps**

cd /opt/adito-0.9.1/webapp/WEB-INF/lib/
mv adito-jcifs.jar adito-jcifs.jar.backup
wget http://jcifs.samba.org/src/jcifs-krb5-1.3.12.jar
mv jcifs-krb5-1.3.12.jar adito-jcifs.jar

Linuxx

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...