[jcifs] Issues with lmCompatibility and NTLMfilter
Gidado-Yisa Immanuel
gidado at users.sourceforge.net
Mon Jan 22 15:35:54 GMT 2007
> The only one that is "sticky" is NTLM2 key; that will probably get it
> to work with your LMCompatibilityLevel = 4 clients, but will break the
> LMCompatibilityLevel = 0 ones (NTLM2 session security with NTLMv1
> authentication implies support for the NTLM2 session response Type 3
> message, which jCIFS will not interpret properly when the client sends
> it).
I'll try it out. Also, I've got in mind a hack for my environment that may
allow level 0 and level 4 clients to cooperate. In the filter, I can detect
the OS using the user-agent header. If the OS is XP, then I'll set the
NTML2 key flag, otherwise, I'll leave it the way it is. I *think* in our
environment, all the XP clients have LMCompatibilityLevel = 4. (I have a
feeling they rolled out these security changes in one of the enterprise
monthly patches, because JCIFS "broke" only recently for XP clients.)
> It should be possible for us to support, but haven't had time to sit
> down and actually code this.
FWIW, I'll send a patch if I get it to work.
- Gidado
More information about the jcifs
mailing list