[jcifs] NTLMv2 and DFS referrals

Darren Taft daztop at rocketmail.com
Wed Jul 29 12:59:50 MDT 2009

I use jCIFS to browse network shares from a web application, but I've
spent the last couple of days trying to work out why my code sometimes
fails on our domain.

I've so far narrowed it down to the fact
that it only fails when it attempts to connect to one of our new Active
Directory 2008 domain controllers to resolve a DFS referral (our domain
currently has a mixture of 2003 and 2008 servers).

The error
message that is returned is always NT_STATUS_NOT_FOUND, and I've been
adding debug statements deeper and deeper into the code to find out
exactly where it comes from.

I've just reached the SmbSession
class - the call to session.send().  When opening this class, I've
spotted this message at the top:

* Update June 2009: This logon method of this class does not and never will
* support NTLMv2. JCIFS does not implement the acceptor side of NTLM
* authentication. It can only initiate NTLM authentication as a client.

I continue digging deeper, can I please confirm - am I going to hit a
brick wall here?  Does jCIFS support DFS referrals in a Windows 2008 AD
where NTLMv2 is required?  I think this message is just referring to
the use of SmbSession from a server so wouldn't apply in this scenario,
but I just want to check.




More information about the jcifs mailing list