[jcifs] Issues with lmCompatibility and NTLMfilter

Gidado-Yisa Immanuel gidado at users.sourceforge.net
Mon Jan 22 15:35:54 GMT 2007

> The only one that is "sticky" is NTLM2 key; that will probably get it
> to work with your LMCompatibilityLevel = 4 clients, but will break the
> LMCompatibilityLevel = 0 ones (NTLM2 session security with NTLMv1
> authentication implies support for the NTLM2 session response Type 3
> message, which jCIFS will not interpret properly when the client sends
> it).

I'll try it out.  Also, I've got in mind a hack for my environment that may
allow level 0 and level 4 clients to cooperate.  In the filter, I can detect
the OS using the user-agent header.  If the OS is XP, then I'll set the
NTML2 key flag, otherwise, I'll leave it the way it is.  I *think* in our
environment, all the XP clients have LMCompatibilityLevel = 4.  (I have a
feeling they rolled out these security changes in one of the enterprise
monthly patches, because JCIFS "broke" only recently for XP clients.)

> It should be possible for us to support, but haven't had time to sit
> down and actually code this.

FWIW, I'll send a patch if I get it to work.

- Gidado

More information about the jcifs mailing list