[jcifs] Domain Controller and PreAuth
Brown, Melonie
mbrown at microstrategy.com
Thu Oct 4 14:09:49 GMT 2007
Since WINS is not available, the parameters were modified to use a lmhost file like so:
<init-param>
<param-name>jcifs.netbios.lmhosts</param-name>
<param-value>hostfile</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.domain</param-name>
<param-value>MYDOMAINNAME</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.username</param-name>
<param-value>AUSER</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.password</param-name>
<param-value>APASSWORD</param-value>
</init-param>
<init-param>
<param-name>jcifs.util.loglevel</param-name>
<param-value>2</param-value>
</init-param>
The hostfile looks like this:
xxx.xx.xxx.xxx DNS_MACHINE1
xxx.xx.xxx.xxx DNS_MACHINE2
xxx.xx.xxx.xxx DNS_MACHINE3
xxx.xx.xxx.xxx DNS_MACHINE4
Now authentication fails with:
java.net.UnknownHostException: Failed to negotiate with a suitable domain controller for MYDOMAINNAME
jcifs.smb.SmbSession.getChallengeForDomain(SmbSession.java:134)
jcifs.http.NtlmHttpFilter.negotiate(NtlmHttpFilter.java:150)
jcifs.http.NtlmHttpFilter.doFilter(NtlmHttpFilter.java:114)
The IP addresses and machine names are all ping-able from the webserver running Tomcat.
What other troubleshooting steps can you recommend?
<http://www.microstrategy.com/EmailFooter>
________________________________
> >If you don't have wins then you could try setting jcifs.netbios.lmhosts
> >[1] to a file that maps the IP you had for domainController to DOMAIN.
> >
> >Otherwise, we need to fix the code so that preauth works with
> >domainController. It's on The List.
> >
> >Mike
> >
> >http://jcifs.samba.org/src/docs/resolver.html
> >
> >
> >
> >
> >
>
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the jcifs
mailing list