[jcifs] java.net.UnknownHostException: Failed to negotiate with
a suitable domain controller for ********
Michael B Allen
mba2000 at ioplex.com
Fri Feb 24 20:31:56 GMT 2006
On Fri, 24 Feb 2006 13:35:08 -0600
"Ghouse, Sherjeel" <Sherjeel.Ghouse at molex.com> wrote:
> We implemented jCIFS NTLM authentication in production last month. There
> were four outages of the Intranet site since then because of
> java.net.UnknownHostException: Failed to negotiate with a suitable
> domain controller for ******. The web application is stable most of the
That error is basically what it sounds like. There's some kind of
network failure somewhere and for some reason JCIFS is more sensitive
to it than other software.
Use the CheckAllDC.java example to see what domain controllers JCIFS
is trying to use and if it can authenticate with them. Also, I don't
think you need six WINS servers listed. Alternate WINS server aren't
tried unless JCIFS completely fails to communicate with the current
one. So if the WINS server is just returning bad entries, increasing
the number of WINS servers isn't going to help. Actually, try the
CheckAllDC.java example with a few of the WINS servers. Maybe one is
sending bad entries. Or maybe it just becomes unresponsive for a time
(e.g. during a replication or backup job). If that turns out to be the
case, aside from increasing the name service timeouts, cachePolicy,
etc, you could just use the lmhosts option to hard code the address of
one reliable domain controller . Read the overview page of the API
documentation for the list of properties. There's a lot of things you
could do (espectially if you diagnose what the exact failure mode is).
 Note this is superior to just using the domainController property
because when the domainController property is used "preauthentication"
doesn't work (this point isn't in the documentation!).
More information about the jcifs