[jcifs] regarding multi-domains

Eric eglass1 at comcast.net
Wed Apr 21 01:09:16 GMT 2004

O'Rourke, James wrote:
> I'm wondering how the Global Catalog works with various domain 
> controllers in a multi-domain single forest network. When authenticating 
> using SmbSession.authenticate() we provide both the domain controller + 
> an NtlmPasswordAuthentication object which encapsulates the domain + 
> userId + credentials. Why is this domain provided here? What if the 
> domain controller is for a domain different from the domain which is 
> associated with the authentication object? Is it the case that the 
> domain controller which is queried will query the Global Catalog to try 
> to authenticate this "foreign" user or will we see a failure?

If there is an appropriate trust established between the domains, the 
authentication will work; otherwise it will fail.  jCIFS uses the 
NT4-style domain model; I'm not terribly familiar with the active 
directory stuff.  From what I gather, NTLM is required for standalone 
server authentication (where there is no KDC) and inter-forest 


More information about the jcifs mailing list