[jcifs] Problem authenticating to server with different capabilities
Jacob Wallström
jacob.wallstrom at gmail.com
Tue Nov 20 13:21:06 GMT 2007
I'm using NtlmHttpFilter for authenticating against a domain and have
been getting occasonial failures. I managed to track down the problem
to the fact that there are 3 different w2k3 servers handling the
authentication in a round-robin style. One of the servers always fail.
When I trace the negotiation process with jcifs.util.loglevel I have
noticed that SmbComNegotiateResponse contains capabilities=0x0001F3FD
for the two successful servers but the problematic server has
capabilities=0x0000F3FD. One bit is different, and I suspect that this
is the problem because it is at this point the two different
negotiations diverge. What does this bit mean? What server
configuration should be changed on the problematic server so that all
servers have the same capabilities?
The following properties are set:
jcifs.smb.client.domain
jcifs.netbios.wins
I'm using JCIFS 1.1.11. I'm attaching the JCIFS log output below.
Thanks,
Jacob Wallström
OK login
======
session established ok with HM<1C>/x.x.x.42
requesting negotiation with HM<1C>/x.x.x.42
SmbComNegotiate[command=SMB_COM_NEGOTIATE,received=false,errorCode=The
operation completed
successfully.,flags=0x0018,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=1,wordCount=0,byteCount=12,wordCount=0,dialects=NT
LM 0.12]
00000: 00 00 00 2F FF 53 4D 42 72 00 00 00 00 18 03 C0 |.../ÿSMBr......À|
00010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 72 79 |..............ry|
00020: 00 00 01 00 00 0C 00 02 4E 54 20 4C 4D 20 30 |........NT LM 0 |
new data read from socket: HM<1C>/x.x.x.42
byteCount=26 but readBytesWireFormat returned 12
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=true,errorCode=The
operation completed
successfully.,flags=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=1,wordCount=17,byteCount=26,wordCount=17,dialectIndex=0,securityMode=0x7,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x00000000,
capabilities=0x0001F3FD,serverTime=Tue Nov 20 12:25:08 CET
2007,serverTimeZone=65056,encryptionKeyLength=8,byteCount=26,encryptionKey=0x7E82764ECBE23BCB,oemDomainName=HM]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 |ÿSMBr......À....|
00010: 00 00 00 00 00 00 00 00 00 00 72 79 00 00 01 00 |..........ry....|
00020: 11 00 00 07 32 00 01 00 04 41 00 00 00 00 01 00 |....2....A......|
00030: 00 00 00 00 FD F3 01 00 D3 B0 A3 01 68 2B C8 01 |....ýó..Ó°£.h+È.|
00040: 20 FE 08 1A 00 7E 82 76 4E CB E2 3B CB 48 00 4D | þ...~.vNËâ;ËH.M|
00050: 00 00 00 43 00 4E 00 44 00 43 00 32 00 00 00 |...C.N.D.C.2... |
Default credentials (jcifs.smb.client.username/password) not
specified. SMB signing may not work propertly. Skipping DC
interrogation.
treeConnect: unc=\\x.x.x.42\IPC$,service=?????
sessionSetup: accountName=tempjawal,primaryDomain=HM
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=The
operation completed
successfully.,flags=0x0018,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=2,wordCount=13,byteCount=109,andxCommand=0x75,andxOffset=170,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24,unicodePasswordLength=24,capabilities=4180,accountName=tempjawal,primaryDomain=HM,NATIVE_OS=Windows
XP,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode=The
operation completed
successfully.,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=31090,uid=0,mid=0,wordCount=4,byteCount=45,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,password=,path=\\x.x.x.42\IPC$,service=?????]
00000: 00 00 00 E2 FF 53 4D 42 73 00 00 00 00 18 03 C0 |...âÿSMBs......À|
00010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 72 79 |..............ry|
00020: 00 00 02 00 0D 75 00 AA 00 04 41 0A 00 01 00 00 |.....u.ª..A.....|
00030: 00 00 00 18 00 18 00 00 00 00 00 54 10 00 00 6D |...........T...m|
00040: 00 0B 50 F4 1C 75 75 00 80 D9 EF FF 07 FA 11 1A |..Pô.uu..Ùïÿ.ú..|
00050: 7C 0E CB 0F 0E 85 C4 86 CE AC DD 9B 24 A7 3E 26 ||.Ë...Ä.άÝ.$§>&|
00060: 3E C8 A4 67 6B 68 89 EF FD BE 5A C6 BA C5 9D 38 |>Ȥgkh.ïý¾ZƺÅ.8|
00070: 02 00 74 00 65 00 6D 00 70 00 6A 00 61 00 77 00 |..t.e.m.p.j.a.w.|
00080: 61 00 6C 00 00 00 48 00 4D 00 00 00 57 00 69 00 |a.l...H.M...W.i.|
00090: 6E 00 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 |n.d.o.w.s. .X.P.|
000A0: 00 00 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF |..j.C.I.F.S....ÿ|
000B0: 00 00 00 00 00 01 00 2D 00 00 5C 00 5C 00 31 00 |.......-..\.\.1.|
000C0: 30 00 2E 00 32 00 30 00 30 00 2E 00 33 00 2E 00 |0...2.0.0...3...|
000D0: 34 00 32 00 5C 00 49 00 50 00 43 00 24 00 00 00 |4.2.\.I.P.C.$...|
000E0: 3F 3F |?? |
new data read from socket: HM<1C>/x.x.x.42
SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=true,errorCode=The
operation completed
successfully.,flags=0x0098,flags2=0xC003,signSeq=0,tid=2050,pid=31090,uid=2050,mid=2,wordCount=3,byteCount=146,andxCommand=0x75,andxOffset=187,isLoggedInAsGuest=false,nativeOs=Windows
Server 2003 R2 3790 Service Pack 2,nativeLanMan=Windows Server 2003 R2
5.2,primaryDomain=HM]
SmbComTreeConnectAndXResponse[command=SMB_COM_TREE_CONNECT_ANDX,received=true,errorCode=The
operation completed
successfully.,flags=0x0098,flags2=0xC003,signSeq=0,tid=2050,pid=31090,uid=2050,mid=2,wordCount=3,byteCount=6,andxCommand=0xFF,andxOffset=202,supportSearchBits=true,shareIsInDfs=false,service=IPC,nativeFileSystem=]
00000: FF 53 4D 42 73 00 00 00 00 98 03 C0 00 00 00 00 |ÿSMBs......À....|
00010: 00 00 00 00 00 00 00 00 02 08 72 79 02 08 02 00 |..........ry....|
00020: 03 75 00 BB 00 00 00 92 00 41 57 00 69 00 6E 00 |.u.».....AW.i.n.|
00030: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 |d.o.w.s. .S.e.r.|
00040: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00 |v.e.r. .2.0.0.3.|
00050: 20 00 52 00 32 00 20 00 33 00 37 00 39 00 30 00 | .R.2. .3.7.9.0.|
00060: 20 00 53 00 65 00 72 00 76 00 69 00 63 00 65 00 | .S.e.r.v.i.c.e.|
00070: 20 00 50 00 61 00 63 00 6B 00 20 00 32 00 00 00 | .P.a.c.k. .2...|
00080: 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 |W.i.n.d.o.w.s. .|
00090: 53 00 65 00 72 00 76 00 65 00 72 00 20 00 32 00 |S.e.r.v.e.r. .2.|
000A0: 30 00 30 00 33 00 20 00 52 00 32 00 20 00 35 00 |0.0.3. .R.2. .5.|
000B0: 2E 00 32 00 00 00 48 00 4D 00 00 03 FF 00 CA 00 |..2...H.M...ÿ.Ê.|
000C0: 01 00 06 00 49 50 43 00 00 00 |....IPC... |
NtlmHttpFilter: HM\tempjawal successfully authenticated against HM<1C>/x.x.x.42
Bad login
=======
session established ok with HM<1C>/x.x.x.124
requesting negotiation with HM<1C>/x.x.x.124
SmbComNegotiate[command=SMB_COM_NEGOTIATE,received=false,
errorCode=The operation completed
successfully.,flags=0x0018,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=1,wordCount=0,byteCount=12,wordCount=0,dialects=NT
LM 0.12]
00000: 00 00 00 2F FF 53 4D 42 72 00 00 00 00 18 03 C0 |.../ÿSMBr......À|
00010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 72 79 |..............ry|
00020: 00 00 01 00 00 0C 00 02 4E 54 20 4C 4D 20 30 |........NT LM 0 |
new data read from socket: HM<1C>/x.x.x.124
byteCount=28 but readBytesWireFormat returned 12
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=true,errorCode=The
operation completed
successfully.,flags=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=1,wordCount=17,byteCount=28,wordCount=17,dialectIndex=0,securityMode=0x7,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x00000000,
capabilities=0x0000F3FD,serverTime=Tue Nov 20 12:23:23 CET
2007,serverTimeZone=65476,encryptionKeyLength=8,byteCount=28,encryptionKey=0x6A8F1598323B44EF,oemDomainName=HM]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 |ÿSMBr......À....|
00010: 00 00 00 00 00 00 00 00 00 00 72 79 00 00 01 00 |..........ry....|
00020: 11 00 00 07 32 00 01 00 04 41 00 00 00 00 01 00 |....2....A......|
00030: 00 00 00 00 FD F3 00 00 F6 73 28 C3 67 2B C8 01 |....ýó..ös(Ãg+È.|
00040: C4 FF 08 1C 00 6A 8F 15 98 32 3B 44 EF 48 00 4D |Äÿ...j...2;DïH.M|
00050: 00 00 00 44 00 4B 00 44 00 43 00 30 00 32 00 00 |...D.K.D.C.0.2..|
00060: 00 |. |
Default credentials (jcifs.smb.client.username/password) not
specified. SMB signing may not work propertly. Skipping DC
interrogation.
treeConnect: unc=\\x.x.x.124\IPC$,service=?????
sessionSetup: accountName=tempjawal,primaryDomain=HM
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=The
operation completed
successfully.,flags=0x0018,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=2,wordCount=13,byteCount=109,andxCommand=0x75,andxOffset=170,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24,unicodePasswordLength=24,capabilities=4180,accountName=tempjawal,primaryDomain=HM,NATIVE_OS=Windows
XP,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode=The
operation completed
successfully.,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=31090,uid=0,mid=0,wordCount=4,byteCount=45,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,password=,path=\\x.x.x.124\IPC$,service=?????]
00000: 00 00 00 E2 FF 53 4D 42 73 00 00 00 00 18 03 C0 |...âÿSMBs......À|
00010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 72 79 |..............ry|
00020: 00 00 02 00 0D 75 00 AA 00 04 41 0A 00 01 00 00 |.....u.ª..A.....|
00030: 00 00 00 18 00 18 00 00 00 00 00 54 10 00 00 6D |...........T...m|
00040: 00 E1 EA C5 52 D9 D3 B7 CB C0 59 F3 8A 1E B8 18 |.áêÅRÙÓ·ËÀYó..¸.|
00050: 7C 74 5F 3C 8C 8A 57 1E 38 5E AE 03 E0 03 1A 81 ||t_<..W.8^(R).à...|
00060: 88 B2 DA A3 98 92 21 6C CD D7 D5 1C BD 91 AD 80 |.²Ú£..!lÍ×Õ.½..|
00070: F3 00 74 00 65 00 6D 00 70 00 6A 00 61 00 77 00 |ó.t.e.m.p.j.a.w.|
00080: 61 00 6C 00 00 00 48 00 4D 00 00 00 57 00 69 00 |a.l...H.M...W.i.|
00090: 6E 00 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 |n.d.o.w.s. .X.P.|
000A0: 00 00 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF |..j.C.I.F.S....ÿ|
000B0: 00 00 00 00 00 01 00 2D 00 00 5C 00 5C 00 31 00 |.......-..\.\.1.|
000C0: 30 00 2E 00 31 00 30 00 2E 00 33 00 2E 00 31 00 |0...1.0...3...1.|
000D0: 32 00 34 00 5C 00 49 00 50 00 43 00 24 00 00 00 |2.4.\.I.P.C.$...|
000E0: 3F 3F |?? |
new data read from socket: HM<1C>/x.x.x.124
SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=true,errorCode=Logon
failure: unknown user name or bad
password.,flags=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=31090,uid=0,mid=2,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,isLoggedInAsGuest=false,nativeOs=,nativeLanMan=,primaryDomain=]
00000: FF 53 4D 42 73 6D 00 00 C0 98 03 C0 00 00 00 00 |ÿSMBsm..À..À....|
00010: 00 00 00 00 00 00 00 00 00 00 72 79 00 00 02 00 |..........ry....|
00020: 00 00 00 |... |
NtlmHttpFilter: HM\tempjawal: 0xC000006D: jcifs.smb.SmbAuthException:
Logon failure: unknown user name or bad password.
More information about the jcifs
mailing list