Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Hi Luigi, Others have also run into this exception, from one or more SharePoint web services. It is a server side catch-all exception which tells us very little. You may get more details by looking at the server's event logs. SharePoint also has a log you can look at which may be even more helpful. In my experience, this is often the result of administrators changing the system's permissions in ways that cause SharePoint's web services to stop functioning correctly. At MetaCarta we never would see this on fresh SharePoint installations, but only on those where SharePoint was first installed, and then afterwards people made adjustments to the system permissions. I hope you have access to a competent SharePoint system administrator, because without that, it will be very hard to resolve this problem. Thanks, Karl On Thu, Dec 6, 2012 at 5:12 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, I'm trying to put into Solr my SharPoint documents from Shared Documents. What do you think about this exception ? Permission problems again or ? DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Getting version of '/Shared Documents//' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Checking whether to include library '/Shared Documents' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Library '/Shared Documents' exactly matched rule path '/Shared Documents' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Including library '/Shared Documents' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Processing: '/Shared Documents//' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Document identifier is a library: '/Shared Documents' DEBUG 2012-12-06 11:02:09,515 (Worker thread '3') - Enter: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,000 (Worker thread '3') - Exit: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,031 (Worker thread '3') - Enter: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,406 (Worker thread '3') - Exit: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,421 (Worker thread '3') - SharePoint: Got an unknown remote exception getting child documents for site guid {CC072748-E1EE-4F34-B120-FAF33273A616} - axis fault = Server.Dsp.Connect, detail = Cannot open the requested Sharepoint Site. - retrying AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.Dsp.Connect faultSubcode: faultString: Cannot open the requested Sharepoint Site. faultActor: faultNode: faultDetail: {http://schemas.microsoft.com/sharepoint/dsp}queryResponse:dsQueryResponse status=failure/ Cannot open the requested Sharepoint Site. I send you manifoldcf.log. Thanks. Luigi 2012/12/5 Luigi D'Addario luigi.dadda...@googlemail.com ..and I, finally, tomorrow will try to put into Solr my SharPoint documents ! 2012/12/5 Karl Wright daddy...@gmail.com I'll have to figure out how to get this patched httpcomponents release into the field
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
If you have access to the SharePoint installation media itself, one approach would be to try to install your own version of SharePoint on a similar environment. Prove to yourself (and others) that you can actually crawl on that SharePoint. Then, based on what the target system's event logs and SharePoint logs tell you, you can start modifying settings and module permissions to match the fresh installation's, until it works. You can also save yourself some time by getting the actual request being done using http wire debugging in ManifoldCF, and then trying that request over and over with curl until you get it to not fail. Thanks, Karl On Thu, Dec 6, 2012 at 6:29 AM, Karl Wright daddy...@gmail.com wrote: Hi Luigi, Others have also run into this exception, from one or more SharePoint web services. It is a server side catch-all exception which tells us very little. You may get more details by looking at the server's event logs. SharePoint also has a log you can look at which may be even more helpful. In my experience, this is often the result of administrators changing the system's permissions in ways that cause SharePoint's web services to stop functioning correctly. At MetaCarta we never would see this on fresh SharePoint installations, but only on those where SharePoint was first installed, and then afterwards people made adjustments to the system permissions. I hope you have access to a competent SharePoint system administrator, because without that, it will be very hard to resolve this problem. Thanks, Karl On Thu, Dec 6, 2012 at 5:12 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, I'm trying to put into Solr my SharPoint documents from Shared Documents. What do you think about this exception ? Permission problems again or ? DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Getting version of '/Shared Documents//' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Checking whether to include library '/Shared Documents' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Library '/Shared Documents' exactly matched rule path '/Shared Documents' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Including library '/Shared Documents' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Processing: '/Shared Documents//' DEBUG 2012-12-06 11:02:09,500 (Worker thread '3') - SharePoint: Document identifier is a library: '/Shared Documents' DEBUG 2012-12-06 11:02:09,515 (Worker thread '3') - Enter: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,000 (Worker thread '3') - Exit: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,031 (Worker thread '3') - Enter: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,406 (Worker thread '3') - Exit: CommonsHTTPSender::invoke DEBUG 2012-12-06 11:02:10,421 (Worker thread '3') - SharePoint: Got an unknown remote exception getting child documents for site guid {CC072748-E1EE-4F34-B120-FAF33273A616} - axis fault = Server.Dsp.Connect, detail = Cannot open the requested Sharepoint Site. - retrying AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.Dsp.Connect faultSubcode: faultString: Cannot open the requested Sharepoint Site. faultActor: faultNode: faultDetail: {http://schemas.microsoft.com/sharepoint/dsp}queryResponse:dsQueryResponse status=failure/ Cannot open the requested Sharepoint Site. I send you manifoldcf.log. Thanks. Luigi 2012/12/5 Luigi D'Addario luigi.dadda...@googlemail.com ..and I, finally, tomorrow will try to put into Solr my SharPoint documents ! 2012/12/5 Karl Wright daddy...@gmail.com I'll have to figure out how to get this patched httpcomponents release into the field
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root AccessFlags=AccessExecute | AccessRead | AccessWrite | AccessScript AppFriendlyName=Root AppIsolated=2 AppPoolId=SharePoint - 80 AppRoot=/LM/W3SVC/662429156/Root AuthFlags=*AuthNTLM* ContentIndexed=FALSE DefaultLogonDomain=services-kirey.lan DoDynamicCompression=TRUE DoStaticCompression=TRUE HttpCustomHeaders=X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 *NTAuthenticationProviders=Negotiate,NTLM* Path=C:\Inetpub\wwwroot\wss\VirtualDirectories\80 Ok, i have first Negotiate, but if I force only NTLM (* NTAuthenticationProviders=NTLM*), manifoldcf.log *not recorder any messages* !! With a simply asp script running on my Sharepoint Server page i tried to get authentication mode via http and this is the result: with *NTAuthenticationProviders=NTLM:* *User Id = VM-SHPT2K7\Administrator The user was logged in using the NTLM authentication method.* with *NTAuthenticationProviders=Negotiate,NTLM:* * * *User Id = VM-SHPT2K7\Administrator The Negotiate method was used! The user was logged on using NTLM* In manifoldcf.log i founded this error but i think is not related with 401: ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing resource bundle 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for locale 'it': Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it; trying it java.util.MissingResourceException: Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The warning is coming from the part of commons-httpclient that is trying to set up communication with your SharePoint instance. It thinks it needs to use SPNEGO to figure out the authentication mechanism, and it seems to be trying to load kerberos 5 configuration information, which means that it thinks Kerberos is the authentication mechanism of choice. (1) Are you sure that your SharePoint IIS is not configured to use Kerberos auth? (2) What command-line arguments are you giving to the JVM that is running ManifoldCF? Karl On Tue, Nov 27, 2012 at 7:44 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Hello, I have installed apache-manifoldcf-1.0.1 on my Windows XP and apache-manifoldcf-sharepoint-2007-plugin on my SharePoint 2007 server. (a virtual machine). I can see the Permissions Page when I enter http://x:x/sub_directory/_vti_bin/MCPermissions.asmx in my browser. When I try to make a SharePoint Services 3.0 (2007) connection to my SharePoint 2007 server in the ManifoldCF interface I get this error: Crawl user did not authenticate properly, or has insufficient permissions to accesshttp://vm-shpt2k7/KireyRep: (401)HTTP/1.1 401 Unauthorized Via curl i get first a 401 and then a 200 status: curl --ntlm -u vm-shpt2k7\\administrator http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* HTTP/1.1 401 Unauthorized Content-Length: 1539 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM TlRMTVNTUAACHAAcADg1goniwKcRCkDsTOwAAMo AygBUBQLODg9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0 AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4 AAA== X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 Date: Mon, 26 Nov 2012 21:47:30 GMT * Ignoring the response-body * Connection #0 to host vm-shpt2k7 left intact * Issue another request to this URL: 'http://vm-shpt2k7/KireyRep/_vti_bin/MCPerm issions.asmx' * Re-using existing connection! (#0) with host (nil) * Connected to (nil) (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAADGAAYAJAYABgAqBQAFABIHAAcAFwAAA AYABgAeBAAEADANYKI4gUBKAoPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root AccessFlags=AccessExecute | AccessRead | AccessWrite | AccessScript AppFriendlyName=Root AppIsolated=2 AppPoolId=SharePoint - 80 AppRoot=/LM/W3SVC/662429156/Root AuthFlags=*AuthNTLM* ContentIndexed=FALSE DefaultLogonDomain=services-kirey.lan DoDynamicCompression=TRUE DoStaticCompression=TRUE HttpCustomHeaders=X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 *NTAuthenticationProviders=Negotiate,NTLM* Path=C:\Inetpub\wwwroot\wss\VirtualDirectories\80 Ok, i have first Negotiate, but if I force only NTLM (* NTAuthenticationProviders=NTLM*), manifoldcf.log *not recorder any messages* !! With a simply asp script running on my Sharepoint Server page i tried to get authentication mode via http and this is the result: with *NTAuthenticationProviders=NTLM:* *User Id = VM-SHPT2K7\Administrator The user was logged in using the NTLM authentication method.* with *NTAuthenticationProviders=Negotiate,NTLM:* * * *User Id = VM-SHPT2K7\Administrator The Negotiate method was used! The user was logged on using NTLM* In manifoldcf.log i founded this error but i think is not related with 401: ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing resource bundle 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for locale 'it': Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it; trying it java.util.MissingResourceException: Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The warning is coming from the part of commons-httpclient that is trying to set up communication with your SharePoint instance. It thinks it needs to use SPNEGO to figure out the authentication mechanism, and it seems to be trying to load kerberos 5 configuration information, which means that it thinks Kerberos is the authentication mechanism of choice. (1) Are you sure that your SharePoint IIS is not configured to use Kerberos auth? (2) What command-line arguments are you giving to the JVM that is running ManifoldCF? Karl On Tue, Nov 27, 2012 at 7:44 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Hello, I have installed apache-manifoldcf-1.0.1 on my Windows XP and apache-manifoldcf-sharepoint-2007-plugin on my SharePoint 2007 server. (a virtual machine). I can see the Permissions Page when I enter http://x:x/sub_directory/_vti_bin/MCPermissions.asmx in my browser. When I try to make a SharePoint Services 3.0 (2007) connection to my SharePoint 2007 server in the ManifoldCF interface I get this error: Crawl user did not authenticate properly, or has insufficient permissions to accesshttp://vm-shpt2k7/KireyRep: (401)HTTP/1.1 401 Unauthorized Via curl i get first a 401 and then a 200 status: curl --ntlm -u vm-shpt2k7\\administrator http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* HTTP/1.1 401 Unauthorized Content-Length: 1539 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM TlRMTVNTUAACHAAcADg1goniwKcRCkDsTOwAAMo AygBUBQLODg9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0 AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4 AAA== X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 Date: Mon, 26 Nov 2012 21:47:30 GMT * Ignoring the response-body * Connection #0 to host vm-shpt2k7 left intact * Issue another request to this URL: 'http://vm-shpt2k7/KireyRep/_vti_bin/MCPerm issions.asmx' * Re-using existing
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
well, on SharePoint Server: *NTAuthenticationProviders=NTLM* * * on ManifoldCF UI interface, error: Parameters: serverLocation=/KireyRep serverPort=80 serverVersion=3.0 userName=VM-SHPT2K7\Administrator serverProtocol=http serverName=vm-shpt2k7.services-kirey.lan password= Connection status:Crawl user did not authenticate properly, or has insufficient permissions to access http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 Unauthorized* on manifoldcf.log *no error trace !* 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root AccessFlags=AccessExecute | AccessRead | AccessWrite | AccessScript AppFriendlyName=Root AppIsolated=2 AppPoolId=SharePoint - 80 AppRoot=/LM/W3SVC/662429156/Root AuthFlags=*AuthNTLM* ContentIndexed=FALSE DefaultLogonDomain=services-kirey.lan DoDynamicCompression=TRUE DoStaticCompression=TRUE HttpCustomHeaders=X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 *NTAuthenticationProviders=Negotiate,NTLM* Path=C:\Inetpub\wwwroot\wss\VirtualDirectories\80 Ok, i have first Negotiate, but if I force only NTLM (* NTAuthenticationProviders=NTLM*), manifoldcf.log *not recorder any messages* !! With a simply asp script running on my Sharepoint Server page i tried to get authentication mode via http and this is the result: with *NTAuthenticationProviders=NTLM:* *User Id = VM-SHPT2K7\Administrator The user was logged in using the NTLM authentication method.* with *NTAuthenticationProviders=Negotiate,NTLM:* * * *User Id = VM-SHPT2K7\Administrator The Negotiate method was used! The user was logged on using NTLM* In manifoldcf.log i founded this error but i think is not related with 401: ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing resource bundle 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for locale 'it': Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it; trying it java.util.MissingResourceException: Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The warning is coming from the part of commons-httpclient that is trying to set up communication with your SharePoint instance. It thinks it needs to use SPNEGO to figure out the authentication mechanism, and it seems to be trying to load kerberos 5 configuration information, which means that it thinks Kerberos is the authentication mechanism of choice. (1) Are you sure that your SharePoint IIS is not configured to use Kerberos auth? (2) What command-line arguments are you giving to the JVM that is running ManifoldCF? Karl On Tue, Nov 27, 2012 at 7:44 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Hello, I have installed apache-manifoldcf-1.0.1 on my Windows XP and apache-manifoldcf-sharepoint-2007-plugin on my SharePoint 2007 server. (a virtual machine). I can see the Permissions Page when I enter http://x:x/sub_directory/_vti_bin/MCPermissions.asmx in my browser. When I try to make a SharePoint Services 3.0 (2007) connection to my SharePoint 2007 server in the ManifoldCF interface I get this error: Crawl user did not authenticate properly, or has insufficient permissions to accesshttp://vm-shpt2k7/KireyRep: (401)HTTP/1.1 401 Unauthorized Via curl i get first a 401 and then a 200 status: curl --ntlm -u vm-shpt2k7\\administrator http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* HTTP/1.1 401 Unauthorized Content-Length: 1539 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM TlRMTVNTUAACHAAcADg1goniwKcRCkDsTOwAAMo AygBUBQLODg9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Ok, can you try a fully-qualified domain name, rather than the abbreviated one you have given, for the credentials? Also, you might want to look at the server-side event logs for the reason for the authentication failure. Thanks, Karl On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: well, on SharePoint Server: *NTAuthenticationProviders=NTLM* * * on ManifoldCF UI interface, error: Parameters: serverLocation=/KireyRep serverPort=80 serverVersion=3.0 userName=VM-SHPT2K7\Administrator serverProtocol=http serverName=vm-shpt2k7.services-kirey.lan password= Connection status:Crawl user did not authenticate properly, or has insufficient permissions to access http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 Unauthorized* on manifoldcf.log *no error trace !* 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root AccessFlags=AccessExecute | AccessRead | AccessWrite | AccessScript AppFriendlyName=Root AppIsolated=2 AppPoolId=SharePoint - 80 AppRoot=/LM/W3SVC/662429156/Root AuthFlags=*AuthNTLM* ContentIndexed=FALSE DefaultLogonDomain=services-kirey.lan DoDynamicCompression=TRUE DoStaticCompression=TRUE HttpCustomHeaders=X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 *NTAuthenticationProviders=Negotiate,NTLM* Path=C:\Inetpub\wwwroot\wss\VirtualDirectories\80 Ok, i have first Negotiate, but if I force only NTLM (* NTAuthenticationProviders=NTLM*), manifoldcf.log *not recorder any messages* !! With a simply asp script running on my Sharepoint Server page i tried to get authentication mode via http and this is the result: with *NTAuthenticationProviders=NTLM:* *User Id = VM-SHPT2K7\Administrator The user was logged in using the NTLM authentication method.* with *NTAuthenticationProviders=Negotiate,NTLM:* * * *User Id = VM-SHPT2K7\Administrator The Negotiate method was used! The user was logged on using NTLM* In manifoldcf.log i founded this error but i think is not related with 401: ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing resource bundle 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for locale 'it': Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it; trying it java.util.MissingResourceException: Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The warning is coming from the part of commons-httpclient that is trying to set up communication with your SharePoint instance. It thinks it needs to use SPNEGO to figure out the authentication mechanism, and it seems to be trying to load kerberos 5 configuration information, which means that it thinks Kerberos is the authentication mechanism of choice. (1) Are you sure that your SharePoint IIS is not configured to use Kerberos auth? (2) What command-line arguments are you giving to the JVM that is running ManifoldCF? Karl On Tue, Nov 27, 2012 at 7:44 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Hello, I have installed apache-manifoldcf-1.0.1 on my Windows XP and apache-manifoldcf-sharepoint-2007-plugin on my SharePoint 2007 server. (a virtual machine). I can see the Permissions Page when I enter http://x:x/sub_directory/_vti_bin/MCPermissions.asmx in my browser. When I try to make a SharePoint Services 3.0 (2007) connection to my SharePoint 2007 server in the ManifoldCF interface I get this error: Crawl user did not authenticate properly, or has insufficient permissions to accesshttp://vm-shpt2k7/KireyRep: (401)HTTP/1.1 401 Unauthorized Via curl i get first a 401 and then a 200 status: curl --ntlm -u vm-shpt2k7\\administrator http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Karl, I tried many credential combination .. always 401 .. From server log, with ManifoldCF UI interface (in POST), 401 error: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2012-11-27 15:38:37 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST*/KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 2 2148074254 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 0 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 2148074252 With direct call via http (http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx), (in GET): 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401* 2 2148074254 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401 *1 0 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 vm-shpt2k7\administrator 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *200* 0 0 It's quite a conundrum ... 2012/11/27 Karl Wright daddy...@gmail.com Ok, can you try a fully-qualified domain name, rather than the abbreviated one you have given, for the credentials? Also, you might want to look at the server-side event logs for the reason for the authentication failure. Thanks, Karl On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: well, on SharePoint Server: *NTAuthenticationProviders=NTLM* * * on ManifoldCF UI interface, error: Parameters: serverLocation=/KireyRep serverPort=80 serverVersion=3.0 userName=VM-SHPT2K7\Administrator serverProtocol=http serverName=vm-shpt2k7.services-kirey.lan password= Connection status:Crawl user did not authenticate properly, or has insufficient permissions to access http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 Unauthorized* on manifoldcf.log *no error trace !* 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root AccessFlags=AccessExecute | AccessRead | AccessWrite | AccessScript AppFriendlyName=Root AppIsolated=2 AppPoolId=SharePoint - 80 AppRoot=/LM/W3SVC/662429156/Root AuthFlags=*AuthNTLM* ContentIndexed=FALSE DefaultLogonDomain=services-kirey.lan DoDynamicCompression=TRUE DoStaticCompression=TRUE HttpCustomHeaders=X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 *NTAuthenticationProviders=Negotiate,NTLM* Path=C:\Inetpub\wwwroot\wss\VirtualDirectories\80 Ok, i have first Negotiate, but if I force only NTLM (* NTAuthenticationProviders=NTLM*), manifoldcf.log *not recorder any messages* !! With a simply asp script running on my Sharepoint Server page i tried to get authentication mode via http and this is the result: with *NTAuthenticationProviders=NTLM:* *User Id = VM-SHPT2K7\Administrator The user was logged in using the NTLM authentication method.* with *NTAuthenticationProviders=Negotiate,NTLM:* * * *User Id = VM-SHPT2K7\Administrator The Negotiate method was used! The user was logged on using NTLM* In manifoldcf.log i founded this error but i think is not related with 401: ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing resource bundle 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for locale 'it': Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it; trying it java.util.MissingResourceException: Can't find bundle for base name org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The warning is coming from the part of commons-httpclient that is trying to set up communication with your SharePoint instance. It thinks it needs to
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Just on a whim, can you try POST with curl also? It is possible that POSTs are blocked in some way. If that doesn't work, then your security settings are prohibiting post. If that DOES work, then I'd like you to download a ManifoldCF 1.1-dev image from http://people.apache.org/~kwright/apache-manifoldcf-1.1-dev , and try that. This uses httpcomponents rather than our special commons-httpclient version. If none of this helps, getting a packet capture of both a curl POST and the comparable ManifoldCF attempt may well show us what the key issue is. It's possible that there is a header or something your IIS is rejecting, for instance. Thanks, Karl On Tue, Nov 27, 2012 at 11:06 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, I tried many credential combination .. always 401 .. From server log, with ManifoldCF UI interface (in POST), 401 error: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2012-11-27 15:38:37 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST*/KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 2 2148074254 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 0 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 2148074252 With direct call via http (http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx), (in GET): 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401* 2 2148074254 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401 *1 0 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 vm-shpt2k7\administrator 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *200* 0 0 It's quite a conundrum ... 2012/11/27 Karl Wright daddy...@gmail.com Ok, can you try a fully-qualified domain name, rather than the abbreviated one you have given, for the credentials? Also, you might want to look at the server-side event logs for the reason for the authentication failure. Thanks, Karl On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: well, on SharePoint Server: *NTAuthenticationProviders=NTLM* * * on ManifoldCF UI interface, error: Parameters: serverLocation=/KireyRep serverPort=80 serverVersion=3.0 userName=VM-SHPT2K7\Administrator serverProtocol=http serverName=vm-shpt2k7.services-kirey.lan password= Connection status:Crawl user did not authenticate properly, or has insufficient permissions to access http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 Unauthorized* on manifoldcf.log *no error trace !* 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root AccessFlags=AccessExecute | AccessRead | AccessWrite | AccessScript AppFriendlyName=Root AppIsolated=2 AppPoolId=SharePoint - 80 AppRoot=/LM/W3SVC/662429156/Root AuthFlags=*AuthNTLM* ContentIndexed=FALSE DefaultLogonDomain=services-kirey.lan DoDynamicCompression=TRUE DoStaticCompression=TRUE HttpCustomHeaders=X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 *NTAuthenticationProviders=Negotiate,NTLM* Path=C:\Inetpub\wwwroot\wss\VirtualDirectories\80 Ok, i have first Negotiate, but if I force only NTLM (* NTAuthenticationProviders=NTLM*), manifoldcf.log *not recorder any messages* !! With a simply asp script running on my Sharepoint Server page i tried to get authentication mode via http and this is the result: with *NTAuthenticationProviders=NTLM:* *User Id = VM-SHPT2K7\Administrator The user was logged in using the NTLM authentication method.* with *NTAuthenticationProviders=Negotiate,NTLM:* * * *User Id =
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Karl, via curl in POST i get a HTTP/1.1 *411 Length Required* * * It meand that POST is blocked ? curl -X POST --ntlm -u vm-shpt2k7\\administrator http://vm-s hpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* HTTP/1.1 *411 Length Required* Content-Type: text/html Date: Tue, 27 Nov 2012 16:32:06 GMT Connection: close Content-Length: 24 h1Length Required/h1* Closing connection #0 2012/11/27 Karl Wright daddy...@gmail.com Just on a whim, can you try POST with curl also? It is possible that POSTs are blocked in some way. If that doesn't work, then your security settings are prohibiting post. If that DOES work, then I'd like you to download a ManifoldCF 1.1-dev image from http://people.apache.org/~kwright/apache-manifoldcf-1.1-dev , and try that. This uses httpcomponents rather than our special commons-httpclient version. If none of this helps, getting a packet capture of both a curl POST and the comparable ManifoldCF attempt may well show us what the key issue is. It's possible that there is a header or something your IIS is rejecting, for instance. Thanks, Karl On Tue, Nov 27, 2012 at 11:06 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, I tried many credential combination .. always 401 .. From server log, with ManifoldCF UI interface (in POST), 401 error: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2012-11-27 15:38:37 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST*/KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 2 2148074254 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 0 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 2148074252 With direct call via http (http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx), (in GET): 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401* 2 2148074254 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401 *1 0 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 vm-shpt2k7\administrator 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *200* 0 0 It's quite a conundrum ... 2012/11/27 Karl Wright daddy...@gmail.com Ok, can you try a fully-qualified domain name, rather than the abbreviated one you have given, for the credentials? Also, you might want to look at the server-side event logs for the reason for the authentication failure. Thanks, Karl On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: well, on SharePoint Server: *NTAuthenticationProviders=NTLM* * * on ManifoldCF UI interface, error: Parameters: serverLocation=/KireyRep serverPort=80 serverVersion=3.0 userName=VM-SHPT2K7\Administrator serverProtocol=http serverName=vm-shpt2k7.services-kirey.lan password= Connection status:Crawl user did not authenticate properly, or has insufficient permissions to access http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 Unauthorized* on manifoldcf.log *no error trace !* 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS is not configured to use* *Kerberos auth?* On Sharepoint Server, in the MetaBase.xml i have IIsWebVirtualDir Location =/LM/W3SVC/662429156/Root
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
You need to use the --data option, not -X. Karl On Tue, Nov 27, 2012 at 11:37 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, via curl in POST i get a HTTP/1.1 *411 Length Required* * * It meand that POST is blocked ? curl -X POST --ntlm -u vm-shpt2k7\\administrator http://vm-s hpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* HTTP/1.1 *411 Length Required* Content-Type: text/html Date: Tue, 27 Nov 2012 16:32:06 GMT Connection: close Content-Length: 24 h1Length Required/h1* Closing connection #0 2012/11/27 Karl Wright daddy...@gmail.com Just on a whim, can you try POST with curl also? It is possible that POSTs are blocked in some way. If that doesn't work, then your security settings are prohibiting post. If that DOES work, then I'd like you to download a ManifoldCF 1.1-dev image from http://people.apache.org/~kwright/apache-manifoldcf-1.1-dev , and try that. This uses httpcomponents rather than our special commons-httpclient version. If none of this helps, getting a packet capture of both a curl POST and the comparable ManifoldCF attempt may well show us what the key issue is. It's possible that there is a header or something your IIS is rejecting, for instance. Thanks, Karl On Tue, Nov 27, 2012 at 11:06 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, I tried many credential combination .. always 401 .. From server log, with ManifoldCF UI interface (in POST), 401 error: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2012-11-27 15:38:37 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST*/KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 2 2148074254 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 0 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 2148074252 With direct call via http ( http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx), (in GET): 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401* 2 2148074254 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401 *1 0 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 vm-shpt2k7\administrator 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *200* 0 0 It's quite a conundrum ... 2012/11/27 Karl Wright daddy...@gmail.com Ok, can you try a fully-qualified domain name, rather than the abbreviated one you have given, for the credentials? Also, you might want to look at the server-side event logs for the reason for the authentication failure. Thanks, Karl On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: well, on SharePoint Server: *NTAuthenticationProviders=NTLM* * * on ManifoldCF UI interface, error: Parameters: serverLocation=/KireyRep serverPort=80 serverVersion=3.0 userName=VM-SHPT2K7\Administrator serverProtocol=http serverName=vm-shpt2k7.services-kirey.lan password= Connection status:Crawl user did not authenticate properly, or has insufficient permissions to access http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 Unauthorized* on manifoldcf.log *no error trace !* 2012/11/27 Karl Wright daddy...@gmail.com Hi Luigi, The Negotiate is clearly part of the problem; please leave that out. The log entries you mention are indeed harmless warnings that we don't have an Italian localization yet. When you view the connection in the UI, what do you see now? Karl On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: hi Karl, thanks for your reply. *(1) Are you sure that your SharePoint IIS
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Thanks :o] *HTTP/1.1 401 Unauthorized* + *HTTP/1.1 500 Internal Server Error* curl --data POST --ntlm -u vm-shpt2k7\\administrator http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* Content-Length: 0 Content-Type: application/x-www-form-urlencoded *HTTP/1.1 401 Unauthorized* Content-Length: 1539 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM TlRMTVNTUAACHAAcADg1goniAo2Exi/3+LAAAMo AygBUBQLODg9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0 AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4 AAA== X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 Date: Tue, 27 Nov 2012 16:44:14 GMT * Ignoring the response-body * Connection #0 to host vm-shpt2k7 left intact * Issue another request to this URL: ' http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx' * Re-using existing connection! (#0) with host (nil) * Connected to (nil) (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAADGAAYAJAYABgAqBQAFABIHAAcAFwAAA AYABgAeBAAEADANYKI4gUBKAoPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg BpAHMAdAByAGEAdABvAHIAUgBNAC0ARABBAEQARABBAFIASQBPAEwA/F/Dh4QXrhYAAA AADC8nQrN/CSjOrtwdcX5eneq+k+ZoTa0H5pip2sZd+GXoCE/Z+1QHfg== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* Content-Length: 4 Content-Type: application/x-www-form-urlencoded * upload completely sent off: 4 out of 4 bytes *HTTP/1.1 500 Internal Server Error* Date: Tue, 27 Nov 2012 16:44:15 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 X-AspNet-Version: 2.0.50727 Cache-Control: private Content-Type: application/soap+xml; charset=utf-8 Content-Length: 521 ?xml version=1.0 encoding=utf-8?soap:Envelope xmlns:soap= http://www.w3.o rg/2003/05/soap-envelope xmlns:xsi= http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd=http://www.w3.org/2001/XMLSchema soap:Bodysoap:Faultsoap:Code soap:Valuesoap:Receiver/soap:Value/soap:Codesoap:Reasonsoap:Text xml:lan g=itImpossibile elaborare la richiesta. ---gt; Rilevati dati non validi al l ivello principale. Riga 1, posizione 1./soap:Text/soap:Reasonsoap:Detail / /soap:Fault/soap:Body/soap:Envelope* Connection #0 to host (nil) left inta ct * Closing connection #0 And from server log: 2012-11-27 16:44:14 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/MCPermissions.asmx - 80 - 192.168.49.65 curl/7.25.0+(i386-pc-win32)+libcurl/7.25.0+OpenSSL/0.9.8u+zlib/1.2.6+libssh2/1.4.0 *401* 1 0 2012-11-27 16:44:14 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/MCPermissions.asmx - 80 vm-shpt2k7\Administrator 192.168.49.65 curl/7.25.0+(i386-pc-win32)+libcurl/7.25.0+OpenSSL/0.9.8u+zlib/1.2.6+libssh2/1.4.0 *500* 0 0 2012/11/27 Karl Wright daddy...@gmail.com You need to use the --data option, not -X. Karl On Tue, Nov 27, 2012 at 11:37 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, via curl in POST i get a HTTP/1.1 *411 Length Required* * * It meand that POST is blocked ? curl -X POST --ntlm -u vm-shpt2k7\\administrator http://vm-s hpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* HTTP/1.1 *411 Length Required* Content-Type: text/html Date: Tue, 27 Nov 2012 16:32:06 GMT Connection: close Content-Length: 24 h1Length Required/h1* Closing connection #0 2012/11/27 Karl Wright daddy...@gmail.com Just on a whim, can you try POST with curl also? It is possible that POSTs are blocked in some way. If that doesn't work, then your security settings are
Re: SharePoint 2007 Connector - (401)HTTP/1.1 401 Unauthorized
Curl with POST then works. So the next step is to turn on wire debugging. See https://cwiki.apache.org/confluence/display/CONNECTORS/Debugging+Connections. Repeat the connection attempt with ManifoldCF, and send me the output. I want to verify that the headers (apart from the NTLM www-authenticate headers) are the same. Thanks! Karl On Tue, Nov 27, 2012 at 11:54 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Thanks :o] *HTTP/1.1 401 Unauthorized* + *HTTP/1.1 500 Internal Server Error* curl --data POST --ntlm -u vm-shpt2k7\\administrator http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAABt4II4gAFASgKDw== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* Content-Length: 0 Content-Type: application/x-www-form-urlencoded *HTTP/1.1 401 Unauthorized* Content-Length: 1539 Content-Type: text/html Server: Microsoft-IIS/6.0 WWW-Authenticate: NTLM TlRMTVNTUAACHAAcADg1goniAo2Exi/3+LAAAMo AygBUBQLODg9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0 AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4 AAA== X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 Date: Tue, 27 Nov 2012 16:44:14 GMT * Ignoring the response-body * Connection #0 to host vm-shpt2k7 left intact * Issue another request to this URL: ' http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx' * Re-using existing connection! (#0) with host (nil) * Connected to (nil) (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM TlRMTVNTUAADGAAYAJAYABgAqBQAFABIHAAcAFwAAA AYABgAeBAAEADANYKI4gUBKAoPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg BpAHMAdAByAGEAdABvAHIAUgBNAC0ARABBAEQARABBAFIASQBPAEwA/F/Dh4QXrhYAAA AADC8nQrN/CSjOrtwdcX5eneq+k+ZoTa0H5pip2sZd+GXoCE/Z+1QHfg== User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 OpenSSL/0.9.8u zlib/1.2 .6 libssh2/1.4.0 Host: vm-shpt2k7 Accept: */* Content-Length: 4 Content-Type: application/x-www-form-urlencoded * upload completely sent off: 4 out of 4 bytes *HTTP/1.1 500 Internal Server Error* Date: Tue, 27 Nov 2012 16:44:15 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 12.0.0.6421 X-AspNet-Version: 2.0.50727 Cache-Control: private Content-Type: application/soap+xml; charset=utf-8 Content-Length: 521 ?xml version=1.0 encoding=utf-8?soap:Envelope xmlns:soap= http://www.w3.o rg/2003/05/soap-envelope xmlns:xsi= http://www.w3.org/2001/XMLSchema-instance; xmlns:xsd=http://www.w3.org/2001/XMLSchema soap:Bodysoap:Faultsoap:Code soap:Valuesoap:Receiver/soap:Value/soap:Codesoap:Reasonsoap:Text xml:lan g=itImpossibile elaborare la richiesta. ---gt; Rilevati dati non validi al l ivello principale. Riga 1, posizione 1./soap:Text/soap:Reasonsoap:Detail / /soap:Fault/soap:Body/soap:Envelope* Connection #0 to host (nil) left inta ct * Closing connection #0 And from server log: 2012-11-27 16:44:14 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/MCPermissions.asmx - 80 - 192.168.49.65 curl/7.25.0+(i386-pc-win32)+libcurl/7.25.0+OpenSSL/0.9.8u+zlib/1.2.6+libssh2/1.4.0 *401* 1 0 2012-11-27 16:44:14 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/MCPermissions.asmx - 80 vm-shpt2k7\Administrator 192.168.49.65 curl/7.25.0+(i386-pc-win32)+libcurl/7.25.0+OpenSSL/0.9.8u+zlib/1.2.6+libssh2/1.4.0 *500* 0 0 2012/11/27 Karl Wright daddy...@gmail.com You need to use the --data option, not -X. Karl On Tue, Nov 27, 2012 at 11:37 AM, Luigi D'Addario luigi.dadda...@googlemail.com wrote: Karl, via curl in POST i get a HTTP/1.1 *411 Length Required* * * It meand that POST is blocked ? curl -X POST --ntlm -u vm-shpt2k7\\administrator http://vm-s hpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v Enter host password for user 'vm-shpt2k7\\administrator': * About to connect() to vm-shpt2k7 port 80 (#0) * Trying 192.168.30.42... * connected * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) * Server auth using NTLM with user 'vm-shpt2k7\\administrator' POST /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 Authorization: NTLM