Subscribe
Accepted Solution

Can't connect from Mac to filer using NTLM Authentication

We are having problems in our organization getting our macs connected via webdav using NTLM authentication.

Our structure is as follows:

Netapp/IBM nSeries gateway/filer model n6040 which is our FTP/CIFS/Webdav host.

Windows Server 2008 R2 Domain Controller with Active Directory

Windows 7, Mac osX clients (various versions).

From the windows side, we are able to connect to our filer via FTP, CIFS, and http/Webdav after we authenticate using our AD credentials.  From the Mac side, we can authenticate and connect to our filer using FTP, CIFS (using Connect to Server "smb://ourfiler.com") and through a browser using the address of http://ourfiler.com.  This type of connection using webdav works with Firefox but not using Safari or Chrome but isn't adequate enough for our users since the browser based connection is read only.  However, when we try to Connect to Server via webdav using our server address of http://ourfiler.com:80, we never get past the "Enter your name and password for the server "ourfiler.com."

We tried a third party webdav client on our macs: Cyberduck, which also fails to connect using webdav.   We also tried a separate linux client and were able to connect without any problems.

Since authetication for webdav works on windows and linux, we're thinking there is problem with osX itself.  Has anyone else had this problem or can anyone suggest any workarounds/solutions?

To be clear, we modified the httpd.access file to include "AuthName Windows(tm) Authentication"

Re: Can't connect from Mac to filer using NTLM Authentication

is this a question that your team handles or should it go into NetApp Support Community?

Re: Can't connect from Mac to filer using NTLM Authentication

Looks like you were not able to help on this issue here.  We have external and internal subject matter experts in the NetApp Support Community answering questions about Filers.  If you have a NOW login, this link enables you to engage them about this.

Re: Can't connect from Mac to filer using NTLM Authentication

I was finally able to find a workaround:

Even though Mac OS X includes support for WebDAV folders, it does not work in conjunction with NTLM authentication and Netapp's Ontap software.    A workaround is to use WDFS, which is an alternative WebDAV package for FUSE.

First, you must install Macports from http://www.macports.org/

Next, install xcode from https://developer.apple.com/technologies/tools/

Once this is all done, you need to open Terminal, located in Applications/Utilities. Once open, the first task is to install Fuse4x, Neon and Glib2, which WDFS uses as libraries. 

Apply the follwing bold commands in the terminal window:

mac:~ User$ sudo port install fuse4x

mac:~ User$ sudo port install neon

mac:~ User$ sudo port install glib2

Once the packages are installed, download WDFS from http://noedler.de/projekte/wdfs/. Extract the archive to a folder, and then browse to that folder in Terminal using the ‘cd’ command.

mac:~ User$ cd Downloads/wdfs-1.4.2

We now need to compile WDFS by tying the following bold text in Terminal:

mac:wdfs-1.4.2 User$ sudo ./configure

mac:wdfs-1.4.2 User$ sudo make

mac:wdfs-1.4.2 User$ sudo make install

Once this is done, WDFS is installed and ready to use. Now you can mount the WebDAV share using the following commands in bold:

macSmiley Very Happyocuments User$ cd ../..

mac:Users User$ cd User/Documents/

macSmiley Very Happyocuments User$ mkdir  WebDAV_Volumes

macSmiley Very Happyocuments User$ cd WebDAV_Volumes/

mac:WebDAV_Volumes User$ mkdir WebDAVShare

This creates a folder which we can use as a mountpoint for the WebDAV share.

Now, to mount the share volume type the following command in the terminal:

mac:WebDAV_Volumes User$ wdfs http://[host]:80 /Users/User/Documents/WebDAV_Volumes/WebDAVShare/ -u "Domain\username" -p password -o accept_sslcert

The folder which previously appeared as WebDAVShare is changed to  fuse4x volume 0 (wdfs) and can be used with read/execute permissions using the Mac OS X integrate Finder application.  Writing to the volume using Finder where unsuccessful during my tests.

In order to be able to write to a WebDAV volume, you need to download and install a free third-party application called Mu Commander, located at http://www.mucommander.com/.  Note: Attempts to use another popular free third-party application called X-folders where unsuccessful when trying to copy files to the new volume.

In any case, once Mu Commander is installed, you can browse to the fuse4x volume in one window with read/write permissions.  You can now freely copy files between your newly created volume and your local system using WebDAV.