|

»

JCIFS / NTLMv2 support

View: New views

3 Messages — Rating Filter: Alert me

	JCIFS / NTLMv2 support by David Martí :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, We are providing a solution for our scanners by means of it the user can scan files which will be sent to a preconfigured network folder. We are using JCIFS v1.2.9 to manage this digital send capability. Right now a customer is requiring NTLMv2 authentication for connections in this solution and after reading a lot we are confused about whether our version of JCIFS supports or not. We see explicitly support for NTLMv2 since version 1.3.0 of JCIFS in your notes and also in the faq, but our experience on testing our current version of JICFS (v1.2.9) is that it seems to work at client side: - We have a folder server with value "5" at the registry key lmCompatibiltyLevel, which is supposed to only accept NTLMv2 authentication. - When we set jcifs.smb.lmCompatibility to 3 the communication is done without any problem. Taking this into account could we think there is a complete NTLMv2 authentication in this sceneario - and not neeed to migrate the solution to use JCIFS v1.3.0+? Thanks in advance, David
	Re: JCIFS / NTLMv2 support by Michael B Allen :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Thu, Oct 29, 2009 at 6:01 AM, David Martí <david.marti.moya@...> wrote: > Hi, > We are providing a solution for our scanners by means of it the user can scan > files which will be sent to a preconfigured network folder. We are using JCIFS > v1.2.9 to manage this digital send capability. > > Right now a customer is requiring NTLMv2 authentication for connections in this > solution and after reading a lot we are confused about whether our version of > JCIFS supports or not. > > We see explicitly support for NTLMv2 since version 1.3.0 of JCIFS in your notes > and also in the faq, but our experience on testing our current version of JICFS > (v1.2.9) is that it seems to work at client side: > > - We have a folder server with value "5" at the registry key > lmCompatibiltyLevel, which is supposed to only accept NTLMv2 authentication. > - When we set jcifs.smb.lmCompatibility to 3 the communication is done without > any problem. > > Taking this into account could we think there is a complete NTLMv2 > authentication in this sceneario - and not neeed to migrate the solution to use > JCIFS v1.3.0+? Hi David, JCIFS prior to 1.3.0 did not support NTLMv2. Domain policy can be applied at the domain level, the domain controller level, to specific OUs and can depend on other things. I think maybe you got just lucky. But I don't think the API actually changed between 1.2 and 1.3. I just incremented the minor number to reflect the significant change in functionality. I realize you still need to test everything but it should be pretty much a drop in replacement. Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/
	Re: JCIFS / NTLMv2 support by David Martí :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks Michael, this way, we will work in changing to a newer JCIFS version. Regards, David -----Original Message----- From: Michael B Allen [mailto:ioplex@...] Sent: jueves, 29 de octubre de 2009 17:00 To: Marti, David Cc: jcifs@... Subject: Re: [jcifs] JCIFS / NTLMv2 support On Thu, Oct 29, 2009 at 6:01 AM, David Martí <david.marti.moya@...> wrote: > Hi, > We are providing a solution for our scanners by means of it the user can scan > files which will be sent to a preconfigured network folder. We are using JCIFS > v1.2.9 to manage this digital send capability. > > Right now a customer is requiring NTLMv2 authentication for connections in this > solution and after reading a lot we are confused about whether our version of > JCIFS supports or not. > > We see explicitly support for NTLMv2 since version 1.3.0 of JCIFS in your notes > and also in the faq, but our experience on testing our current version of JICFS > (v1.2.9) is that it seems to work at client side: > > - We have a folder server with value "5" at the registry key > lmCompatibiltyLevel, which is supposed to only accept NTLMv2 authentication. > - When we set jcifs.smb.lmCompatibility to 3 the communication is done without > any problem. > > Taking this into account could we think there is a complete NTLMv2 > authentication in this sceneario - and not neeed to migrate the solution to use > JCIFS v1.3.0+? Hi David, JCIFS prior to 1.3.0 did not support NTLMv2. Domain policy can be applied at the domain level, the domain controller level, to specific OUs and can depend on other things. I think maybe you got just lucky. But I don't think the API actually changed between 1.2 and 1.3. I just incremented the minor number to reflect the significant change in functionality. I realize you still need to test everything but it should be pretty much a drop in replacement. Mike -- Michael B Allen Java Active Directory Integration http://www.ioplex.com/