[jcifs] NTLMv2 support

Christopher R. Hertel crh at ubiqx.mn.org
Sat Sep 27 04:59:06 EST 2003

"Laud, Amar" wrote:
> Eric,
> Thanks for your reply. It helped me understand the issue better. One
> question related to LMv2 and pass through authentication. You mentioned that
> LMv2 without NTLMv2 might work only in pass through authentication. We use
> jCIFS to validate a user credentials against a domain server. It seems that
> we won't be doing pass through authentication in such a scenario. So, we may
> see issues authenticating users in such cases ?


Our *best guess* as to the reason that LMv2 is used with pass-through is
that some older servers were hard-coded to pass the 24-byte value in that
field.  The NTLMv2 response is larger than 24 bytes, so those broken servers
would pass an incomplete response and authentication would fail.

Once again, that's a guess (but it's an educated one).

> Thanks.
> Amar
> Note : Chris, thanks for the reference link on the LMv2 and NTLMv2
> difference.

Hope you and the rest at RSA enjoy my diagram of HMAC-MD5.  One of my
favorites.  :)

Chris -)-----

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the jcifs mailing list