[jcifs] regarding multi-domains
Eric
eglass1 at comcast.net
Wed Apr 21 01:09:16 GMT 2004
O'Rourke, James wrote:
> I'm wondering how the Global Catalog works with various domain
> controllers in a multi-domain single forest network. When authenticating
> using SmbSession.authenticate() we provide both the domain controller +
> an NtlmPasswordAuthentication object which encapsulates the domain +
> userId + credentials. Why is this domain provided here? What if the
> domain controller is for a domain different from the domain which is
> associated with the authentication object? Is it the case that the
> domain controller which is queried will query the Global Catalog to try
> to authenticate this "foreign" user or will we see a failure?
If there is an appropriate trust established between the domains, the
authentication will work; otherwise it will fail. jCIFS uses the
NT4-style domain model; I'm not terribly familiar with the active
directory stuff. From what I gather, NTLM is required for standalone
server authentication (where there is no KDC) and inter-forest
authentication.
Eric
More information about the jcifs
mailing list