AW: [jcifs] Member in Domain?

Michael B. Allen miallen at eskimo.com
Mon Dec 9 22:17:54 EST 2002 

On Mon, 9 Dec 2002 11:41:19 +0100
Müller Jens <Jens.Mueller at dbv-winterthur.de> wrote:

> Hi Eric,
> 
> I tried to generate an UniAdress-Object with:
> UniAddress domainController = UniAddress.getByName("NAME-OF-DC");
> 
> It takes about 5 seconds, until I get an object. (is it normal?)

A name service timeout is 6 seconds. It's probably trying and failing
to do a NetBIOS broadcast lookup. If 'NAME-OF-DC' is a NetBIOS name
set your jcifs.netbios.wins property. Otherwise skip NetBIOS by setting
jcifs.resolveOrder=DNS and use the DNS name. Or use the IP.

> With this object I called the method below and received the following
> exception:
> 
> jcifs.smb.SmbAuthException: Access denied
> 
> Do you have an idea, what could be the reason for it?

The entity represented by the specified domain and user is not permitted
to access \\NAME-OF-DC\IPC$ or the password was wrong (although I think
you should get 'Bad password' for that) which is a pretty good indication
that the entity is not in that host's SAM database. Varify your domain
and username before passing it to the SmbSession.logon method. Also,
passwords are case sensitive. Otherwise, were pretty confident that it
actually works :~)

> 
> Regards
> Jens
> 
> > If you have obtained a non-null NtlmPasswordAuthentication object from the
> 
> > doAuthentication call (i.e., the client has responded with a well-formed
> type-3 
> > message), and you want to check if the response will successfully
> authenticate 
> > them against a specific domain, you should be able to do:
> > 
> > public boolean isInDomain(NtlmPasswordAuthentication np,
> >         UniAddress domainController, String domain) throws IOException {
> >     try {
> >         if (!domain.equalsIgnoreCase(np.getDomain())) return false;
> >         SmbSession.logon(domainController, np);
> >         return true;
> >     } catch (SmbAuthException ex) {
> >         return false;
> >     }
> > }
> > 
> > The domainController above should be the same box which produced the
> type-2 
> > challenge, i.e. via SmbSession.getChallenge(domainController)
> > 
> > Eric


-- 
A  program should be written to model the concepts of the task it
performs rather than the physical world or a process because this
maximizes  the  potential  for it to be applied to tasks that are
conceptually  similar and, more important, to tasks that have not
yet been conceived.

More information about the jcifs mailing list