[jcifs] JCIFS / NTLMv2 support
david.marti.moya at hp.com
Thu Oct 29 10:37:14 MDT 2009
Thanks Michael, this way, we will work in changing to a newer JCIFS version.
From: Michael B Allen [mailto:ioplex at gmail.com]
Sent: jueves, 29 de octubre de 2009 17:00
To: Marti, David
Cc: jcifs at lists.samba.org
Subject: Re: [jcifs] JCIFS / NTLMv2 support
On Thu, Oct 29, 2009 at 6:01 AM, David Martí <david.marti.moya at hp.com> wrote:
> We are providing a solution for our scanners by means of it the user can scan
> files which will be sent to a preconfigured network folder. We are using JCIFS
> v1.2.9 to manage this digital send capability.
> Right now a customer is requiring NTLMv2 authentication for connections in this
> solution and after reading a lot we are confused about whether our version of
> JCIFS supports or not.
> We see explicitly support for NTLMv2 since version 1.3.0 of JCIFS in your notes
> and also in the faq, but our experience on testing our current version of JICFS
> (v1.2.9) is that it seems to work at client side:
> - We have a folder server with value "5" at the registry key
> lmCompatibiltyLevel, which is supposed to only accept NTLMv2 authentication.
> - When we set jcifs.smb.lmCompatibility to 3 the communication is done without
> any problem.
> Taking this into account could we think there is a complete NTLMv2
> authentication in this sceneario - and not neeed to migrate the solution to use
> JCIFS v1.3.0+?
JCIFS prior to 1.3.0 did not support NTLMv2. Domain policy can be
applied at the domain level, the domain controller level, to specific
OUs and can depend on other things. I think maybe you got just lucky.
But I don't think the API actually changed between 1.2 and 1.3. I just
incremented the minor number to reflect the significant change in
functionality. I realize you still need to test everything but it
should be pretty much a drop in replacement.
Michael B Allen
Java Active Directory Integration
More information about the jCIFS