CIFS - Docs@Work - Android Enterprise

JohnM 2018-03-17 15:52:49 UTC #1

Did any of you implement CIFS for Android Enterprise yet?
I am having struggles connecting - Docs@Work for iOS works for the same user, Docs@Work for Android drops me an metadata error from the server. I have to investigate further and just wanted to check your feedback.

What confuses me is the statement in the Release Notes for D@W 2.3: „for access to CIFS/SMB servers. CIFS/SMB traffic must be tunneled through Standalone Sentry“ BUT then along comes this statement:

• Android enterprise enabled Docs@Work does not support tunneling through Standalone Sentry.

Any help?

Thanks!

-John

andrew_dawson 2018-03-18 20:07:15 UTC #2

Hi John,

Since the Docs@Work 2.3 release is not that old I would go with the most recent information, Docs@Work 2.3 Android Enterprise supported by Standalone Sentry.

Do you have more information on the error, device/sentry logs, screenshots, etc.

,Andrew

JohnM 2018-03-19 18:31:55 UTC #3

Hi Andrew,

I have to re-enroll a device, then I can gather some logs.
The weird thing is, I am not able to enter any credentials - there is no prompt or no chance to modify it on a later point. So I think this is the issue.
Also tried to use the autofill credentials - still no password input anywhere.

Autofill:
{“default”: “mydomain/$USERID$”}

The default config within D@W app looks like this:

Device UUID:
$DEVICE_UUID$

User ID:
$USERID$

group sites: (Basic Auth)
[{“auth”:"",“domain”:“CIFS”,“name“:“My Share“,“ priority”:“false”,“subDomain”:“NetworkDrive”,“url”:“https://192.168.0.204:445/Files“,“webView":"false”}]

AppTunnel rule:
{“sentryHostName”:“https://tunnel.mydomain.com”,“sentryPort”:“443”,“domainPattern”:[“fileserver.mydomain.com”]}

Identity Certificate:
$CERT_ALIAS:AppTunnel-SCEP$

Thanks.

-John

JohnM 2018-03-24 09:21:23 UTC #4

If took a look at the logs of the AppTunnel Sentry - Server returned status HTTP 401 - Unauthorized - which clearly tells me that this is an authentication issue. Like I said I was never prompted to enter the credentials on the device. Do you know how to enter the credentials within Docs@Work for Android Enterprise? I can’t find any options.
With Docs@Work for iOS I get prompted instantly for the username and credentials and the same user account gets access to the file share.

JohnM 2018-03-24 09:35:01 UTC #5

I am also seeing some error with “no cipher suites” in common.
Does the Android Enteprise Docs@Work app need other cipher suites compared to the Docs@Work for iOS?

andrew_dawson 2018-03-25 02:03:34 UTC #6

Do you get the same error when you manual add the cigs share from docs@work.

What error messages do you see in the sentry logs while this error occurs?

JohnM 2018-03-25 13:42:08 UTC #7

In version 2.3.0.0.8 on Android Enterprise I can’t manually add CIFS shares (I do not block adding sites)
If I click on add site I can only add Sharepoint.
If I go into settings - configuration - add symbol (+) - there is also only Sharepoint, WebDAV, BoxEnterprise, GoogleDrive.
I am updating to Sentry 9.3.0 and verify if there is any difference.

andrew_dawson 2018-03-26 11:23:06 UTC #8

Created a core running 9.6.0.2 with a fresh install of Docs@work with it’s default config, ‘NetworkDrive’ is an option from the app.

Try creating a new config with no settings on the device and check if you can manually add a share.

I am wondering if there is some kind of issue with the config created prior to the ability to add Network Drives or the meta data for appconfig for the app has not updated for some reason.

JohnM 2018-03-26 18:29:45 UTC #9

Hey Andrew…
adding a new config did the trick with the manual adding of the share. thanks.
I was able to add the share manually now, but I still receive the same log entries on Sentry like I get with the deployed config. Strange…

andrew_dawson 2018-03-28 05:27:14 UTC #10

Can you provide some of the debug sentry log around the time the issue occurs?