[jcifs] jcifs.netbios.hostname not working since jcifs 1.2.15

Michael B Allen miallen at ioplex.com
Mon Nov 5 18:22:24 GMT 2007

On Mon, 05 Nov 2007 12:12:41 +0100
Ronald Müller <ronald.mueller at infopark.de> wrote:

> Hello,
> with jcifs 1.2.15 (and later) the in 
> http://jcifs.samba.org/src/docs/ntlmhttpauth.html#adpolicy described 
> workaround to set jcifs.netbios.hostname to a valid NetBIOS name and add 
> that name to the AD security policy as a permitted client doesn't work 
> any longer. The client can't be authenticated although this property is 
> set correctly.
> With jcifs 1.2.14 this workaround works fine / as described and the user 
> can be authenticated although he's only allowed to log on from permitted 
> clients.
> Could this be a side effect of disabling port 139 with jcifs 1.2.15? How 
> to authenticate users which are only allowed to log into the domain from 
> their personal workstations with jcifs 1.2.15 (and later)?

Previously, if the jcifs.netbios.hostname value was set, the client would
use port 139 instead of 445. For reasons I do not recall, that behavior
was eliminated. The adpolicy thing only works if the client connects to
port 139. I don't recall if there's any property to force the client to
use port 139. You could hack the filter to use port 139 in the SMB URL.


Michael B Allen
PHP Active Directory SPNEGO SSO

More information about the jcifs mailing list