Karl, I tried many credential combination .. always 401 ..
>From server log, with ManifoldCF UI interface (in POST), 401 error: #Software: Microsoft Internet Information Services 6.0 #Version: 1.0 #Date: 2012-11-27 15:38:37 #Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST*/KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 2 2148074254 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 0 2012-11-27 15:38:37 W3SVC662429156 192.168.30.42 *POST */KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Axis/1.4 *401* 1 2148074252 With direct call via http (http://vm-shpt2k7/KireyRep/_vti_bin/lists.asmx), (in GET): 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401* 2 2148074254 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 - 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *401 *1 0 2012-11-27 15:43:48 W3SVC662429156 192.168.30.42 GET /KireyRep/_vti_bin/lists.asmx - 80 vm-shpt2k7\administrator 192.168.49.62 Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.4506.2152;+.NET+CLR+3.5.30729) *200* 0 0 It's quite a conundrum ... 2012/11/27 Karl Wright <daddy...@gmail.com> > Ok, can you try a fully-qualified domain name, rather than the abbreviated > one you have given, for the credentials? Also, you might want to look at > the server-side event logs for the reason for the authentication failure. > > Thanks, > Karl > > > > On Tue, Nov 27, 2012 at 9:04 AM, Luigi D'Addario < > luigi.dadda...@googlemail.com> wrote: > >> well, >> >> on SharePoint Server: >> >> *NTAuthenticationProviders="NTLM"* >> >> * >> * >> on ManifoldCF UI interface, error: >> >> Parameters: serverLocation=/KireyRep >> serverPort=80 >> serverVersion=3.0 >> userName=VM-SHPT2K7\Administrator >> serverProtocol=http >> serverName=vm-shpt2k7.services-kirey.lan >> password=******** >> >> Connection status:Crawl user did not authenticate properly, or has >> insufficient permissions to access >> http://vm-shpt2k7.services-kirey.lan/KireyRep: *(401)HTTP/1.1 401 >> Unauthorized* >> >> on manifoldcf.log >> >> *no error trace !* >> >> >> >> >> >> 2012/11/27 Karl Wright <daddy...@gmail.com> >> >>> Hi Luigi, >>> >>> The "Negotiate" is clearly part of the problem; please leave that out. >>> >>> The log entries you mention are indeed harmless warnings that we don't >>> have an Italian localization yet. >>> >>> When you view the connection in the UI, what do you see now? >>> >>> >>> Karl >>> >>> >>> On Tue, Nov 27, 2012 at 8:25 AM, Luigi D'Addario < >>> luigi.dadda...@googlemail.com> wrote: >>> >>>> hi Karl, >>>> thanks for your reply. >>>> >>>> *(1) Are you sure that your SharePoint IIS is not configured to use* >>>> *Kerberos auth?* >>>> >>>> >>>> On Sharepoint Server, in the MetaBase.xml i have >>>> >>>> <IIsWebVirtualDir Location ="/LM/W3SVC/662429156/Root" >>>> AccessFlags="AccessExecute | AccessRead | AccessWrite | AccessScript" >>>> AppFriendlyName="Root" >>>> AppIsolated="2" >>>> AppPoolId="SharePoint - 80" >>>> AppRoot="/LM/W3SVC/662429156/Root" >>>> AuthFlags="*AuthNTLM*" >>>> ContentIndexed="FALSE" >>>> DefaultLogonDomain="services-kirey.lan" >>>> DoDynamicCompression="TRUE" >>>> DoStaticCompression="TRUE" >>>> HttpCustomHeaders="X-Powered-By: ASP.NET >>>> MicrosoftSharePointTeamServices: 12.0.0.6421" >>>> *NTAuthenticationProviders="Negotiate,NTLM"* >>>> Path="C:\Inetpub\wwwroot\wss\VirtualDirectories\80" >>>> >>>> >>>> Ok, i have first "Negotiate", but if I force only NTLM (* >>>> NTAuthenticationProviders="NTLM"*), manifoldcf.log *not recorder any >>>> messages* !! >>>> >>>> >>>> With a simply asp script running on my Sharepoint Server page i tried >>>> to get authentication mode via http and this is the result: >>>> >>>> with *NTAuthenticationProviders="NTLM":* >>>> >>>> *User Id = VM-SHPT2K7\Administrator The user was logged in using the >>>> NTLM authentication method.* >>>> >>>> >>>> with *NTAuthenticationProviders="Negotiate,NTLM":* >>>> * >>>> * >>>> *User Id = VM-SHPT2K7\Administrator The Negotiate method was used! >>>> The user was logged on using NTLM* >>>> >>>> >>>> >>>> >>>> In manifoldcf.log i founded this error but i think is not related with >>>> 401: >>>> >>>> ERROR 2012-11-27 10:56:49,828 (qtp17632942-166) - Missing resource >>>> bundle 'org.apache.manifoldcf.crawler.connectors.sharepoint.common' for >>>> locale 'it': Can't find bundle for base name >>>> org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it; >>>> trying it >>>> java.util.MissingResourceException: Can't find bundle for base name >>>> org.apache.manifoldcf.crawler.connectors.sharepoint.common, locale it >>>> >>>> >>>> >>>> >>>> >>>> 2012/11/27 Karl Wright <daddy...@gmail.com> >>>> >>>>> Hi Luigi, >>>>> >>>>> The warning is coming from the part of commons-httpclient that is >>>>> trying to set up communication with your SharePoint instance. It >>>>> thinks it needs to use SPNEGO to figure out the authentication >>>>> mechanism, and it seems to be trying to load kerberos 5 configuration >>>>> information, which means that it thinks Kerberos is the >>>>> authentication mechanism of choice. >>>>> >>>>> (1) Are you sure that your SharePoint IIS is not configured to use >>>>> Kerberos auth? >>>>> >>>>> (2) What command-line arguments are you giving to the JVM that is >>>>> running ManifoldCF? >>>>> >>>>> Karl >>>>> >>>>> On Tue, Nov 27, 2012 at 7:44 AM, Luigi D'Addario >>>>> <luigi.dadda...@googlemail.com> wrote: >>>>> > Hello, >>>>> > >>>>> > I have installed apache-manifoldcf-1.0.1 on my Windows XP and >>>>> > apache-manifoldcf-sharepoint-2007-plugin on my SharePoint 2007 >>>>> server. >>>>> > (a virtual machine). >>>>> > >>>>> > I can see the Permissions Page when I enter >>>>> > http://xxxxx:xxxxx/sub_directory/_vti_bin/MCPermissions.asmx >>>>> > in my browser. >>>>> > When I try to make a "SharePoint Services 3.0 (2007)" >>>>> > connection to my SharePoint 2007 server in the ManifoldCF >>>>> > interface I get this error: >>>>> > >>>>> > Crawl user did not authenticate properly, or has insufficient >>>>> permissions to >>>>> > accesshttp://vm-shpt2k7/KireyRep: (401)HTTP/1.1 401 Unauthorized >>>>> > >>>>> > Via curl i get first a 401 and then a 200 status: >>>>> > >>>>> > curl --ntlm -u vm-shpt2k7\\administrator >>>>> > http://vm-shpt2k7/KireyRep/_vti_bin/MCPermissions.asmx -v >>>>> > Enter host password for user 'vm-shpt2k7\\administrator': >>>>> > * About to connect() to vm-shpt2k7 port 80 (#0) >>>>> > * Trying 192.168.30.42... >>>>> > * connected >>>>> > * Connected to vm-shpt2k7 (192.168.30.42) port 80 (#0) >>>>> > * Server auth using NTLM with user 'vm-shpt2k7\\administrator' >>>>> >> GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 >>>>> >> Authorization: NTLM >>>>> >> TlRMTVNTUAABAAAAt4II4gAAAAAAAAAAAAAAAAAAAAAFASgKAAAADw== >>>>> >> User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 >>>>> OpenSSL/0.9.8u >>>>> >> zlib/1.2 >>>>> > .6 libssh2/1.4.0 >>>>> >> Host: vm-shpt2k7 >>>>> >> Accept: */* >>>>> >> >>>>> > < HTTP/1.1 401 Unauthorized >>>>> > < Content-Length: 1539 >>>>> > < Content-Type: text/html >>>>> > < Server: Microsoft-IIS/6.0 >>>>> > < WWW-Authenticate: NTLM >>>>> > TlRMTVNTUAACAAAAHAAcADgAAAA1goniwKcRCkDsTOwAAAAAAAAAAMo >>>>> > >>>>> AygBUAAAABQLODgAAAA9TAEUAUgBWAEkAQwBFAFMALQBLAEkAUgBFAFkAAgAcAFMARQBSAFYASQBDAEU >>>>> > >>>>> AUwAtAEsASQBSAEUAWQABABQAVgBNAC0AUwBIAFAAVAAyAEsANwAEACQAcwBlAHIAdgBpAGMAZQBzAC0 >>>>> > >>>>> AawBpAHIAZQB5AC4AbABhAG4AAwA6AHYAbQAtAHMAaABwAHQAMgBrADcALgBzAGUAcgB2AGkAYwBlAHM >>>>> > >>>>> ALQBrAGkAcgBlAHkALgBsAGEAbgAFACQAcwBlAHIAdgBpAGMAZQBzAC0AawBpAHIAZQB5AC4AbABhAG4 >>>>> > AAAAAAA== >>>>> > < X-Powered-By: ASP.NET >>>>> > < MicrosoftSharePointTeamServices: 12.0.0.6421 >>>>> > < Date: Mon, 26 Nov 2012 21:47:30 GMT >>>>> > < >>>>> > * Ignoring the response-body >>>>> > * Connection #0 to host vm-shpt2k7 left intact >>>>> > * Issue another request to this URL: >>>>> > 'http://vm-shpt2k7/KireyRep/_vti_bin/MCPerm >>>>> > issions.asmx' >>>>> > * Re-using existing connection! (#0) with host (nil) >>>>> > * Connected to (nil) (192.168.30.42) port 80 (#0) >>>>> > * Server auth using NTLM with user 'vm-shpt2k7\\administrator' >>>>> >> GET /KireyRep/_vti_bin/MCPermissions.asmx HTTP/1.1 >>>>> >> Authorization: NTLM >>>>> >> TlRMTVNTUAADAAAAGAAYAJAAAAAYABgAqAAAABQAFABIAAAAHAAcAFwAAA >>>>> > >>>>> AYABgAeAAAABAAEADAAAAANYKI4gUBKAoAAAAPdgBtAC0AcwBoAHAAdAAyAGsANwBcAGEAZABtAGkAbg >>>>> > >>>>> BpAHMAdAByAGEAdABvAHIAUgBNAC0ARABBAEQARABBAFIASQBPAEwAVl9uuLABbMoAAAAAAAAAAAAAAA >>>>> > AAAAAAfxlYG/e4ds0BnEroh9Mto5NQBerxGktFfG5BOyKSh9Uth1nGuYbB3Q== >>>>> >> User-Agent: curl/7.25.0 (i386-pc-win32) libcurl/7.25.0 >>>>> OpenSSL/0.9.8u >>>>> >> zlib/1.2 >>>>> > .6 libssh2/1.4.0 >>>>> >> Host: vm-shpt2k7 >>>>> >> Accept: */* >>>>> >> >>>>> > < HTTP/1.1 200 OK >>>>> > < Date: Mon, 26 Nov 2012 21:47:32 GMT >>>>> > < Server: Microsoft-IIS/6.0 >>>>> > < X-Powered-By: ASP.NET >>>>> > < MicrosoftSharePointTeamServices: 12.0.0.6421 >>>>> > < X-AspNet-Version: 2.0.50727 >>>>> > < Set-Cookie: WSS_KeepSessionAuthenticated=80; path=/ >>>>> > < Cache-Control: private, max-age=0 >>>>> > < Content-Type: text/html; charset=utf-8 >>>>> > < Content-Length: 3253 >>>>> > < >>>>> > >>>>> > On virtual machine, IIS is using NTLM authentication, but in >>>>> manifoldcf.log >>>>> > I get this warning: >>>>> > >>>>> > WARN 2012-11-27 12:17:47,375 (Thread-6885) - NEGOTIATE >>>>> authentication error: >>>>> > Invalid name provided (Mechanism level: Could not load configuration >>>>> file >>>>> > C:\WINDOWS\krb5.ini (Impossibile trovare il file specificato)) >>>>> > >>>>> > >>>>> > Any idea ? >>>>> > >>>>> > Thanks >>>>> >>>> >>>> >>> >> >
