[jcifs] Domain based DFS support in Kerberos code, or NTLMv2 support in Java 1.4?

Darren Taft daztop at rocketmail.com
Wed Mar 25 18:43:11 GMT 2009

> > It has taken me a while to find the support engineer for that server. 
> > Eventually the response has come back as:
> >
> > Server Op Sys: Windows server 2003 Ver. 5.2
> > No service Pack
> >
> > He's been unable to tell me of anything different about that server build.
> That's strange. I forget. Why can't you do NTLMv2? If the server is
> really Windows Server 2003, it can do NTLMv2 so please remind me what
> your overall issue is again.

I'm restricted to using Java 1.4, so no RC4 cipher available.

NTLMv2 enabled, the test code works fine - but it must be connecting
with NTLMv1 as we know that NTLMv2 would trigger the RC4 cipher error. 
I can't leave NTLMv2 enabled though, as none of the other servers (that
do support NTLMv2) work.

With NTLMv2 disabled, the test code works to all other servers except this one causing problems.

> >> Meanwhile I'll recompile with 1.4 and run the usual tests with
> >> jcifs.smb.client.useExtendedSecurity=false and
> >> jcifs.smb.lmCompatibility=0 against NetApp and an old version of
> >> Samba.
> >>
> >> But I'm a little busy with other things right now so this might take a
> >> week or so.
> >
> > Have you had a chance to look at this at all?  Have you had any thoughts on 
> > what it might be?
> All versions of JCIFS released after replying to this the last time
> have been recompiled with Java 1.4. I think the last two versions at
> least were compiled with Java 1.4. And I tested and confirmed NTLMv1
> behavior with Java 1.4 w/o RC4 and confirmed that it works.

there anything specific about Windows 2003 with no service pack that
caused NTLMv2 issues?  Do you have a server you can test to?




More information about the jcifs mailing list