[jcifs] Dealing with simultaneous users in a Win2k3 environment

Michael Kerley michael at enkoo.com
Fri Mar 19 21:04:41 GMT 2004 

Currently I'm using 0.7.19 due to a few incompatibilities between my
software and the 0.8.x series.

Should I send that trace to the mailing list, or directly to you and Mike?

Thanks
Michael

> -----Original Message-----
> From: Christopher R. Hertel [mailto:crh at ubiqx.mn.org]
> Sent: Friday, March 19, 2004 1:00 PM
> To: Michael B Allen
> Cc: jcifs at lists.samba.org; Michael Kerley
> Subject: Re: [jcifs] Dealing with simultaneous users in a Win2k3
> environment
> 
> On Fri, Mar 19, 2004 at 03:42:00PM -0500, Michael B Allen wrote:
> :
> > > 1. new SmbFile("smb://").listFiles()  --> Fails (expected because no
> > > authentication was given)
> >
> > Actually I don't recall ever seeing this fail. All systems that I work
> > with use null credentials to get the list of domains. Maybe Win2k3
> changed
> > that. Donno. What was the error?
> 
> I have *heard* of this, though I've not seen it myself.  WinNT and family
> will disallow browsing of local shares but, as you say, they generally
> allow anonymous access to the workgroup and server lists.
> 
> > > 2. new SmbFile("smb://user:pass@/").listFiles()  --> Gives the list of
> > > domains (expected)
> > >
> > > 3. new SmbFile("smb://").listFiles()  --> Gives the list of domains
> (bad;
> > > this is a security risk)
> >
> > JCIFS does not reuse security contexts but it does reuse TCP transport.
> I
> > have a feeling this is actually something going on on the windows server
> > (master browser). Meaning once a user has successfully authenticated the
> > NetServerEnum is suddenly available without credentials. Yet another
> quirk
> > in Windows' implementation.
> 
> See, I should have waited for your message before I sent my last one.
> 
> Looks as though a trace is in order.  I'd love to see this actually
> happen.
> 
> Michael K.: Which version of jCIFS?
> 
> Chris -)-----
> 
> --
> "Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
> Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
> jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development,
> uninq.
> ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
> OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the jcifs mailing list