[jcifs] jcifs.netbios.hostname not working since jcifs 1.2.15
Michael B Allen
miallen at ioplex.com
Mon Nov 5 18:22:24 GMT 2007
On Mon, 05 Nov 2007 12:12:41 +0100
Ronald Müller <ronald.mueller at infopark.de> wrote:
> Hello,
>
> with jcifs 1.2.15 (and later) the in
> http://jcifs.samba.org/src/docs/ntlmhttpauth.html#adpolicy described
> workaround to set jcifs.netbios.hostname to a valid NetBIOS name and add
> that name to the AD security policy as a permitted client doesn't work
> any longer. The client can't be authenticated although this property is
> set correctly.
> With jcifs 1.2.14 this workaround works fine / as described and the user
> can be authenticated although he's only allowed to log on from permitted
> clients.
>
> Could this be a side effect of disabling port 139 with jcifs 1.2.15? How
> to authenticate users which are only allowed to log into the domain from
> their personal workstations with jcifs 1.2.15 (and later)?
Previously, if the jcifs.netbios.hostname value was set, the client would
use port 139 instead of 445. For reasons I do not recall, that behavior
was eliminated. The adpolicy thing only works if the client connects to
port 139. I don't recall if there's any property to force the client to
use port 139. You could hack the filter to use port 139 in the SMB URL.
Mike
--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
More information about the jcifs
mailing list