[jcifs] Querying SIDs with NTLM + JCIFS 1.3.0
Scheidecker
scheideckerantunes at GMAIL.COM
Fri Nov 14 21:33:50 GMT 2008
Thanks Michael,
But what I want is to obtain the SIDs (like the group SIDs) associated to a
given user who is already authenticated.
I am NOT allowed to use LDAP nor Active Directory for this. It is supposed
to be NTLM/JCIFS only.
The JCIFs library returns only the domain SID. It does not give the SID for
the user I was able to authenticate to.
It returns something like this: Sid Domain SID:
S-1-5-21-402069406-3869844813-1802790904
Also, do you know if it is possible to get the session id for a successful
login using NTLM via smbSession.logon()?
I've checked the source code and I was not able to find anything about it.
I could play with NtlmPasswordAuthentication to try to fetch it
NTLMAuth = new
NtlmPasswordAuthentication(domainName,userName,password);
SmbSession.logon(myDomain, NTLMAuth);
byte[] Key = new byte[40];
byte[] test = NTLMAuth.getUserSessionKey(Key);
But, then I must know how to correctly pass the server challenge key.
Thanks again.
Michael B Allen wrote:
>
> There's no code to resolve a name to a SID, only a SID to a name. It
> would be necessary to add the correct IDL, create new classes in
> jcifs.dcerpc.msrpc, modify the API, ... etc. I do not have time for
> that. I'm very backed up here. Sorry.
>
> If you figure out how to do it yourself, send us a patch and I'll put
> it in the patches directory. There are probably other people that want
> to do the same thing.
>
> Mike
>
> PS: You can also use LDAP to get the SID. It's the account's objectSid
> attribute.
>
> On Thu, Nov 13, 2008 at 3:32 PM, Tom Scheideck <scheidecker at hotmail.com>
> wrote:
>> Hello,
>>
>> After authenticating an user via NTLM, how can I obtain the SID from the
>> User, not the SID from the Domain?
>>
>> Note the code snippet. I can obtain the Domain SID from the
>> NtlmPasswordAuthentication object but I cannot get the current user
>> domain
>> SID which is what I would like to get to fetch all the group SIDs related
>> to
>> it.
>>
>> I cannot use Active Directory for this, it is a new requirement for NTLM
>> only,
>>
>> Also, any way to get the current user SID and all the Group SIDs for it
>> from
>> NTLM?
>>
>> I can get the Domain SID but that is it.
>>
>> I am using JCIFs 1.3.0 jar.
>>
>> In my code, I try to force SIDs by trying to loop all possibilites from
>> RID
>> 1120 and then call resolveSids.
>>
>> But, that does not work.
>>
>> Any light to this?
>>
>> Thanks in advance.
>>
>>
>> try {
>> UniAddress myDomain = getPrimaryDomain(ip);
>> NTLMAuth = new
>> NtlmPasswordAuthentication(domainName,userName,password);
>> SmbSession.logon(myDomain, NTLMAuth);
>> // after loging in, here's how to get the SID for the Domain
>> jcifs.smb.SID mySid = jcifs.smb.SID.getServerSid(hostName, NTLMAuth);
>> // this returns something like
>> // Sid Domain SID: S-1-5-21-796745780-2711697408-451074171
>> // trying to resolve SIDs this way DOES NOT work
>> SID[] sids = new SID[10];
>> sids[0] = mySid; // assigns domain SID???
>>
>> jcifs.smb.SID.resolveSids(hostName, NTLMAuth, sids);
>>
>> for (int i = 0; i < sids.length; i++ ) {
>> System.out.println("Sids["+i+"] Type: " +sids[i].getType());
>> }
>>
>> // Second attempt, fails as well
>>
>> String sidDomainId = ""+mySid.getDomainSid();
>>
>> SID domsid = new SID(sidDomainId);
>> int rid = 1120;
>> int count = 150;
>>
>> SID[] sids = new SID[count];
>> for (int i = 0; i < sids.length; i++) {
>> sids[i] = new SID(domsid, rid++);
>> }
>> SID.resolveSids("ts0", null, sids);
>> for (int i = 0; i < sids.length; i++) {
>> System.out.println("My SIDs "+sids[i].toString());
>> }
>>
>>
>> } catch (SmbException smbe) {
>> System.out.println("Failed to Authenticate: "+smbe.getMessage()+"
>> NTStatus: "+smbe.getNtStatus());
>> } catch (Exception e) {
>> System.out.println("Failed to Authenticate: "+e.getMessage());
>> }
>> ________________________________
>> Color coding for safety: Windows Live Hotmail alerts you to suspicious
>> email. Sign up today.
>
>
>
> --
> Michael B Allen
> PHP Active Directory SPNEGO SSO
> http://www.ioplex.com/
>
>
--
View this message in context: http://www.nabble.com/Querying-SIDs-with-NTLM-%2B-JCIFS-1.3.0-tp20489012p20508675.html
Sent from the Samba - jcifs mailing list archive at Nabble.com.
More information about the jcifs
mailing list