[jcifs] NTLMv2 support
Christopher R. Hertel
crh at ubiqx.mn.org
Sat Sep 27 04:59:06 EST 2003
"Laud, Amar" wrote:
>
> Eric,
>
> Thanks for your reply. It helped me understand the issue better. One
> question related to LMv2 and pass through authentication. You mentioned that
> LMv2 without NTLMv2 might work only in pass through authentication. We use
> jCIFS to validate a user credentials against a domain server. It seems that
> we won't be doing pass through authentication in such a scenario. So, we may
> see issues authenticating users in such cases ?
Amar,
Our *best guess* as to the reason that LMv2 is used with pass-through is
that some older servers were hard-coded to pass the 24-byte value in that
field. The NTLMv2 response is larger than 24 bytes, so those broken servers
would pass an incomplete response and authentication would fail.
Once again, that's a guess (but it's an educated one).
> Thanks.
>
> Amar
>
> Note : Chris, thanks for the reference link on the LMv2 and NTLMv2
> difference.
Hope you and the rest at RSA enjoy my diagram of HMAC-MD5. One of my
favorites. :)
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the jcifs
mailing list