[jcifs] NTLMv2 and DFS referrals

Darren Taft daztop at rocketmail.com
Thu Jul 30 08:37:22 MDT 2009


> > Thanks for the quick response as usual Mike.  I'll directly message you with a 
> log of what happens, as well as the source code I use to reproduce the problem - 
> it's a cut down version of what I have on live.
> 
> I received your log and ListFiles.java.
> 
> The primary issue is probably that the hostname used in the SMB URL is
> not a fully qualified DNS domain name.
> 
> But I would need a packet capture to verify that the referral is
> failing because of this. I'm not sure if NetBIOS names are valid
> domain-based DFS domain names.

All the names are DNS registered, with their DNS domain being included as a DNS search suffix on all machines in the company (they're also WINS registered, although that is more for legacy reasons and most machines aren't configured with WINS anymore).

> If the target is a stand-alone DFS volume, then in theory this should
> work assuming you have the right properties set but again I would need
> a capture to really look at this seriously.
> 
> Also, you do not need to modify ListFiles. The first commandline
> argument is the SMB URL.

I'd forgotten about the ability to specify authentication details in the configuration.  The captures I've emailed you are now using the standard ListFiles code.

> Finally, you might want to try the same path from a Windows
> workstation. As a general rule, if you can show something work with a
> vanilla Windows client but fail with JCIFS, then provide captures of
> equivalent operations and I will compare and fix. As Forrest Gump
> would say, "JCIFS is as Windows does".

Everything works OK from Windows - the app I've written provides a web interface onto network shares that are used by tens of thousands of users every day.

Packet capture and log emailed to you separately.

Cheers,

darren



      


More information about the jcifs mailing list