[jcifs] username dialog syntax changes
Tapperson Kevin
Kevin.Tapperson at hcahealthcare.com
Fri Mar 24 21:06:01 GMT 2006
>> Another developer here has brought to my attention that Microsoft now
>> supports 2 different formats for entering your userid in the NTLM
>> challenge popup. It can be entered using the old format of
>> <domain>\<userid> or it can now be entered using the new format of
>> <userid>@<domain>. (This is only available/allowed on XP and Windows
>> 2003 machines where the NTLM challenge pop-up does not contain an
>> explicit domain field.) Attached are 2 packet captures showing the
>> same user authenticating to IIS using each format. (Both are from
>> Ethereal in libpcap format.)
>>
>> In the old format, the NTLM type 3 message domain field contains the
>> domain and the username field contains the userid. In the new
format,
>> the NTLM type 3 message domain field is NULL and the username field
>> contains both the domain and userid specified as <userid>@<domain>.
>
>Actually I'm pretty sure thats actually the realm and not the domain
and the realm is not necessarily the same as the
>domain. In a large organization there can be many domains for a given
realm.
>
>I'll apply the patch because I don't want to bother myself with the
correct fix but for future reference I think the
>correct fix would be to use RFC 2052 SRV DNS lookups to find the domain
controller for the particular realm.
>
>Mike
In this case, what is the relationship then between a realm and a
domain.
More information about the jcifs
mailing list