[jcifs] Very generic question about NTLM HTTP authentication
Michael B Allen
ioplex at gmail.com
Mon Feb 9 01:46:32 GMT 2009
On Sun, Feb 8, 2009 at 8:15 PM, André Warnier <aw at ice-sa.com> wrote:
> I have a couple of additional questions :
> Referring to this section : http://jcifs.samba.org/src/docs/faq.html#ntlmv2
>
> a) in item 2. , what does the term "target server" refer to ? Is that the
> Tomcat host ? or the DC ?
It means the jcifs.http.domainController. Note that stuff about LMv2
is bogus. When the FAQ was written it was theorized that the LMv2
business might work. It won't. I really should update the FAQ. It's
very old.
> b) in the case in which I am having problems, the Vista/IE combination does
> not work, but the XP/IE combination is still working. The Tomcat server is
> the same, the jCIFS module is the same, and the DC is the same. So I have
> to assume that it is the Vista/IE combination which does something
> differently. Do you know what it could be ?
The Vista clients are set to do NTLMv2 only. But the XP clients are
not. That doesn't surprise me.
Run regedit on each client and look at
HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel. Is it
set to 3 or above? If so, NTLMv2 is required and thus the JCIFS NTLM
HTTP Filter cannot be used.
Mike
--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
More information about the jcifs
mailing list