[jcifs] username dialog syntax changes

Michael B Allen mba2000 at ioplex.com
Thu Mar 23 20:07:49 GMT 2006

On Wed, 22 Mar 2006 11:04:29 -0600
"Tapperson Kevin" <Kevin.Tapperson at hcahealthcare.com> wrote:

> Another developer here has brought to my attention that Microsoft now
> supports 2 different formats for entering your userid in the NTLM
> challenge popup.  It can be entered using the old format of
> <domain>\<userid> or it can now be entered using the new format of
> <userid>@<domain>.  (This is only available/allowed on XP and Windows
> 2003 machines where the NTLM challenge pop-up does not contain an
> explicit domain field.)  Attached are 2 packet captures showing the same
> user authenticating to IIS using each format.  (Both are from Ethereal
> in libpcap format.)
> In the old format, the NTLM type 3 message domain field contains the
> domain and the username field contains the userid.  In the new format,
> the NTLM type 3 message domain field is NULL and the username field
> contains both the domain and userid specified as <userid>@<domain>.

Actually I'm pretty sure thats actually the realm and not the domain
and the realm is not necessarily the same as the domain. In a large
organization there can be many domains for a given realm.

I'll apply the patch because I don't want to bother myself with the
correct fix but for future reference I think the correct fix would be
to use RFC 2052 SRV DNS lookups to find the domain controller for the
particular realm.


More information about the jcifs mailing list