[jcifs] Querying SIDs with NTLM + JCIFS 1.3.0

Scheidecker scheideckerantunes at GMAIL.COM
Fri Nov 14 21:33:50 GMT 2008 

Thanks Michael,

But what I want is to obtain the SIDs (like the group SIDs) associated to a
given user who is already authenticated.

I am NOT allowed to use LDAP nor Active Directory for this. It is supposed
to be NTLM/JCIFS only.

The JCIFs library returns only the domain SID. It does not give the SID for
the user I was able to authenticate to.

It returns something like this: Sid Domain SID:
S-1-5-21-402069406-3869844813-1802790904

Also, do you know if it is possible to get the session id for a successful
login using NTLM via smbSession.logon()?

I've checked the source code and I was not able to find anything about it.

I could play with NtlmPasswordAuthentication to try to fetch it

                        NTLMAuth = new
NtlmPasswordAuthentication(domainName,userName,password);
			SmbSession.logon(myDomain, NTLMAuth);
			byte[] Key = new byte[40];
			byte[] test = NTLMAuth.getUserSessionKey(Key);

But, then I must know how to correctly pass the server challenge key.

Thanks again.



Michael B Allen wrote:
> 
> There's no code to resolve a name to a SID, only a SID to a name. It
> would be necessary to add the correct IDL, create new classes in
> jcifs.dcerpc.msrpc, modify the API, ... etc. I do not have time for
> that. I'm very backed up here. Sorry.
> 
> If you figure out how to do it yourself, send us a patch and I'll put
> it in the patches directory. There are probably other people that want
> to do the same thing.
> 
> Mike
> 
> PS: You can also use LDAP to get the SID. It's the account's objectSid
> attribute.
> 
> On Thu, Nov 13, 2008 at 3:32 PM, Tom Scheideck <scheidecker at hotmail.com>
> wrote:
>> Hello,
>>
>> After authenticating an user via NTLM, how can I obtain the SID from the
>> User, not the SID from the Domain?
>>
>> Note the code snippet. I can obtain the Domain SID from the
>> NtlmPasswordAuthentication object but I cannot get the current user
>> domain
>> SID which is what I would like to get to fetch all the group SIDs related
>> to
>> it.
>>
>> I cannot use Active Directory for this, it is a new requirement for NTLM
>> only,
>>
>> Also, any way to get the current user SID and all the Group SIDs for it
>> from
>> NTLM?
>>
>> I can get the Domain SID but that is it.
>>
>> I am using JCIFs 1.3.0 jar.
>>
>> In my code, I try to force SIDs by trying to loop all possibilites from
>> RID
>> 1120 and then call resolveSids.
>>
>> But, that does not work.
>>
>> Any light to this?
>>
>> Thanks in advance.
>>
>>
>> try {
>>     UniAddress myDomain = getPrimaryDomain(ip);
>>     NTLMAuth = new
>> NtlmPasswordAuthentication(domainName,userName,password);
>>     SmbSession.logon(myDomain, NTLMAuth);
>>     // after loging in, here's how to get the SID for the Domain
>>     jcifs.smb.SID mySid = jcifs.smb.SID.getServerSid(hostName, NTLMAuth);
>>   // this returns something like
>>   // Sid Domain SID: S-1-5-21-796745780-2711697408-451074171
>>   // trying to resolve SIDs this way DOES NOT work
>>   SID[] sids = new SID[10];
>>     sids[0] = mySid; // assigns domain SID???
>>
>>     jcifs.smb.SID.resolveSids(hostName, NTLMAuth, sids);
>>
>>     for (int i = 0; i < sids.length; i++ ) {
>>         System.out.println("Sids["+i+"] Type: " +sids[i].getType());
>>     }
>>
>>     // Second attempt, fails as well
>>
>>     String sidDomainId = ""+mySid.getDomainSid();
>>
>>     SID domsid = new SID(sidDomainId);
>>     int rid = 1120;
>>     int count = 150;
>>
>>     SID[] sids = new SID[count];
>>     for (int i = 0; i < sids.length; i++) {
>>         sids[i] = new SID(domsid, rid++);
>>     }
>>     SID.resolveSids("ts0", null, sids);
>>     for (int i = 0; i < sids.length; i++) {
>>         System.out.println("My SIDs "+sids[i].toString());
>>     }
>>
>>
>>   } catch (SmbException smbe) {
>>       System.out.println("Failed to Authenticate: "+smbe.getMessage()+"
>> NTStatus: "+smbe.getNtStatus());
>>   } catch (Exception e) {
>>       System.out.println("Failed to Authenticate: "+e.getMessage());
>>   }
>> ________________________________
>> Color coding for safety: Windows Live Hotmail alerts you to suspicious
>> email. Sign up today.
> 
> 
> 
> -- 
> Michael B Allen
> PHP Active Directory SPNEGO SSO
> http://www.ioplex.com/
> 
> 

-- 
View this message in context: http://www.nabble.com/Querying-SIDs-with-NTLM-%2B-JCIFS-1.3.0-tp20489012p20508675.html
Sent from the Samba - jcifs mailing list archive at Nabble.com.

More information about the jcifs mailing list