AW: [jcifs] cifs and rap
Michael B Allen
mba2000 at ioplex.com
Thu Aug 12 06:41:51 GMT 2004
Please send all correspondance to the list.
On Thu, 12 Aug 2004 08:20:33 +0200
"Carsten Dick" <cad at halvotec.de> wrote:
> Hello Michael,
>
> I have set the following properties in web.xml:
>
> jcifs.smb.client.domain=<DOMAIN_NAME>
> jcifs.http.domainController=<IP OF DOMAIN CONTROLLER>
>
> and by my Servlet I have set that parameters:
>
> jcifs.smb.client.soTimeout=300000
> jcifs.netbios.cachePolicy=600
> jcifs.http.basicRealm=jCIFS
Drop all of these properties except jcifs.http.domainController.
> I can't install one of the programms to get a network packet dump,
> because it is installed on the test server of our customer and I don't
> have all privileges there.
> The server challenge for NtlmPasswordAuthentication is on the same
> server as that where I start the request for the credentials.
> The application is running in a Bea Weblogic 6.1 Sp4 container which
> is runnning as service under Windows 2000. I think running the container
> as service has no user, which is privileged at the domain controller to
> request the credentials. Am I right?
> When it is so, I have to start the request with a user known by the
> domain controller. Is there a way to do this?
JCIFS operates entirely independantly from the host operating system.
Does the regular (no jcifs-ext) Filter work?
Mike
>
> Carsten
>
> -----Ursprüngliche Nachricht-----
> Von: Michael B Allen [mailto:mba2000 at ioplex.com]
> Gesendet: Mittwoch, 11. August 2004 19:48
> An: Carsten Dick
> Cc: jcifs at lists.samba.org
> Betreff: Re: [jcifs] cifs and rap
>
>
> On Wed, 11 Aug 2004 13:54:16 +0000 (UTC)
> carsten <cad at halvotec.de> wrote:
>
> > Hello,
> >
> > I try to authenticate to a nt domain controller by using jcifs. After
> > authentication I want to get the groups of authenticated user by using
> > jcifs- ext and the rap extension of it. The domain controller will
> > authenticate the user, but when I try to get the user groups the domain
> > controller will respond with a result of 5, which means that the user
> > has insufficient privilege. Which
>
> Actually it doesn't mean "insufficient privilege" exactly. What's the
> full stack-trace? NT_STATUS_ACCESS_VIOLATION has special meaning for
> jCIFS. If the NtlmPasswordAuthentication object was created with a server
> challenge different from a server different from the server with which
> you are trying to use the credentials you will get this error indicating
> that the negotiate credentials are invalid for the target.
>
> What does your web.xml file look like (what jcifs properties do you
> have set)?
>
> Mike
>
> --
> Greedo shoots first? Not in my Star Wars.
>
--
Greedo shoots first? Not in my Star Wars.
More information about the jcifs
mailing list