[jcifs] Logon failure: unknown user name or bad password

Jason Millard jsm174 at gmail.com
Thu Jul 7 14:57:46 MDT 2011 

Hello.

I've been using JCIFS 1.3.15 in an enterprise environment for almost 8
months now. I've never had any issues connecting to remote servers.
Today a user contacted me saying he could not access a network share.
The server is in another domain so I don't know the technical specs on
it. I was able to connect to it successfully via XP and mapping a
drive.

I wrote a little test application and set the logger settings to 10.
Then I connected to my share and the users share and started comparing
the logs side by side.

   [Working]
   SmbFile[] files = new
SmbFile("smb://domain1;user1:<pwd>@server1/user1share/My
Documents/").listFiles();

   [Not Working]
   SmbFile[] files = new
SmbFile("smb://domain2;user2:<pwd>@server2/user2share/My
Documents/").listFiles();

I don't want to clutter the email with logs, unless needed. Maybe some
one can point me in the right direction.

Basically, most things look identical, except for a few things. In the
first SmbComNegotiateResponse the capabilities seems different:

   [Working] SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0098,flags2=0xC807,signSeq=0,tid=0,pid=32565,uid=0,mid=1,wordCount=17,byteCount=119,wordCount=17,dialectIndex=0,securityMode=0x3,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x00000000,capabilities=0x8001F3FD,serverTime=Thu
Jul 07 14:06:10 EDT
2011,serverTimeZone=65416,encryptionKeyLength=0,byteCount=119,oemDomainName=]

   [Not Working]
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0098,flags2=0xC807,signSeq=0,tid=0,pid=63407,uid=0,mid=1,wordCount=17,byteCount=117,wordCount=17,dialectIndex=0,securityMode=0x3,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x00000000,capabilities=0x8001F3FC,serverTime=Thu
Jul 07 14:04:47 EDT
2011,serverTimeZone=65056,encryptionKeyLength=0,byteCount=117,oemDomainName=]

On the second SmbComNegotiateResponse, besides the capabilities being
different, a sessionKey is introduced:

   [Working]
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0081,flags2=0x8801,signSeq=0,tid=0,pid=32565,uid=0,mid=1,wordCount=17,byteCount=107,wordCount=17,dialectIndex=0,securityMode=0x3,security=user,encryptedPasswords=true,maxMpxCount=127,maxNumberVcs=1,maxBufferSize=65535,maxRawSize=65535,sessionKey=0x00000000,capabilities=0x8000F3FD,serverTime=Thu
Jul 07 14:06:10 EDT
2011,serverTimeZone=240,encryptionKeyLength=0,byteCount=107,oemDomainName=]

   [Not Working]
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0088,flags2=0xC843,signSeq=0,tid=0,pid=63407,uid=0,mid=1,wordCount=17,byteCount=112,wordCount=17,dialectIndex=0,securityMode=0x3,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=65535,maxRawSize=65535,sessionKey=0x0005900F,capabilities=0x8000C2FC,serverTime=Thu
Jul 07 14:04:50 EDT
2011,serverTimeZone=0,encryptionKeyLength=0,byteCount=112,oemDomainName=]

Finally, from the Type3Message after

   [Working]
   Type3Message[domain=DOMAIN1,user=USER1,workstation=JCIFS2_1_76,lmResponse=<24
bytes>,ntResponse=<200 bytes>,sessionKey=null,flags=0x20080201]
   SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC803,signSeq=0,tid=0,pid=32565,uid=63,mid=3,wordCount=12,byteCount=371,andxCommand=0xFF,andxOffset=0,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,lmHash.length=0,ntHash.length=0,capabilities=-2147479468,accountName=null,primaryDomain=null,NATIVE_OS=Mac
OS X,NATIVE_LANMAN=jCIFS]
SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0098,flags2=0xC801,signSeq=0,tid=0,pid=32565,uid=63,mid=3,wordCount=4,byteCount=51,andxCommand=0xFF,andxOffset=0,isLoggedInAsGuest=false,nativeOs=EMC-SNAS,nativeLanMan=NT1,primaryDomain=]
   NtlmContext[auth=DOMAIN1\USER1,ntlmsspFlags=0x20080000,workstation=JCIFS2_1_76,isEstablished=true,state=3,serverChallenge=08C32D0F02663B19,signingKey=null]
   .
   .
   .

   [Not Working]
   Type3Message[domain=DOMAIN2,user=USER2,workstation=JCIFS2_1_AD,lmResponse=<24
bytes>,ntResponse=<96 bytes>,sessionKey=null,flags=0x20080205]
   SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC803,signSeq=0,tid=0,pid=63407,uid=1,mid=3,wordCount=12,byteCount=265,andxCommand=0xFF,andxOffset=0,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,lmHash.length=0,ntHash.length=0,capabilities=-2147483564,accountName=null,primaryDomain=null,NATIVE_OS=Mac
OS X,NATIVE_LANMAN=jCIFS]
   SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=Logon
failure: unknown user name or bad
password.,flags=0x0088,flags2=0xC843,signSeq=0,tid=0,pid=63407,uid=1,mid=3,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,isLoggedInAsGuest=false,nativeOs=,nativeLanMan=,primaryDomain=]
   jcifs.smb.SmbAuthException: Logon failure: unknown user name or bad password.


I've also tried using the jcifs.smb.client.signingPreferred settings
to true and I upgraded to 1.3.16.

Any suggestions would be greatly appreciated.

Thanks,
-- Jason

More information about the jCIFS mailing list