[jcifs] lmCompatibility and multiple hosts

Michael B Allen ioplex at gmail.com
Wed Nov 14 08:24:33 MST 2012


On Mon, Oct 22, 2012 at 10:20 AM, Christian Ghisler <support at ghisler.com> wrote:
> Hi!
>
> I'm using Jcifs in a free (and ad-free) file manager for Android.
> So far it works great, except for some older Linux-based NAS
> devices which require lmCompatibility=0, useExtendedSecurity=false.
> The user has to check an option in the program to access the NAS:
> "Older NAS compatibility (LMv1)".

Hi Christian,

Yeah, the client chooses the version so if it tries NTLMv2 and the
server doesn't support it, it will fail and it's up to the client to
just try again with NTLMv1.

> The problem occurs when the user tries to access multiple servers
> with different SMB versions:
>
> 1. First he connects to a Windows computer, with lmCompatibility=3,
> useExtendedSecurity=true.
>
> 2. Then he tries to connect to the NAS with lmCompatibility=0,
> useExtendedSecurity=false.
>
> However, Jcifs seems to ignore these paramters after the initial
> connection, so the connection to the NAS fails. The program must
> be killed via a task manager and restarted to be able to connect
> to the NAS.
>
> So my question is: Is there any function to unload all cached
> connections and/or reinitialize Jcifs without restarting the entire
> program?

No, I don't think there is and there probably should be something like that.

But ideally the client should just retry with NTLMv1 in this
particular case. Of course those really old NAS devices that have been
sitting in someones basement for 15 years are the only servers that
don't support NTLMv2.

You might be able to use a separate ClassLoader to load the SmbFile,
try to connect and it fails because the server doesn't support NTLMv2,
try creating a new ClassLoader with the parameters for NTLMv1 and try
again. If you use a new ClassLoader, there's no way the old objects
(and thus the old connections) can be re-used from the old ClassLoader
instance. Just make sure you use a separate ClassLoader for each
server so that you do not accidentally try to use NTLMv1 with a server
that supports NTLMv2.

Mike

-- 
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/


More information about the jCIFS mailing list