search

hierynomus / smbj

Server Message Block (SMB2, SMB3) implementation in Java
Other
707 stars 180 forks source link

STATUS_LOGON_FAILURE (0xc000006d): Authentication failed for 'dummy_user' using com.hierynomus.smbj.auth.NtlmAuthenticator@1f2c74f5 #770

Closed brijesh-dobariya closed 1 year ago

brijesh-dobariya commented 1 year ago

We have used SMBJ v0.10.0 and we getting STATUS_LOGON_FAILURE (0xc000006d): Authentication failed for 'dummy_user' using com.hierynomus.smbj.auth.NtlmAuthenticator@1f2c74f5 issue while connecting file repository after deployed windows security patch June 13, 2023 - Enforcement by Default but we given workaround to set registry value to 1 on this path HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters.

But our main concern, Microsoft will release one more security patch to force fully disabled NTML authentication on 11 July, 2023 - Enforcement phase.

For more details: https://support.microsoft.com/en-us/topic/kb5021130-how-to-manage-the-netlogon-protocol-changes-related-to-cve-2022-38023-46ea3067-3989-4d40-963c-680fd9e8ee25

There is any changes you guys working for the same. Let me know because many client will affect after 11 July, 2023 paches.

Thanks

hierynomus commented 1 year ago

I indeed had heard this was coming. I have just finished an overhaul of the NTLM authentication, so now the keys in there are derived correctly, and the signing and sealing keys can be constructed. But, given my spare time (open source / hobby), I do not expect to make MS's deadline.

Are you using SMBJ within the company you work for?

brijesh-dobariya commented 1 year ago

Yes, we are using SMBJ in a wider area.

brijesh-dobariya commented 1 year ago

Can you guide us how to use RPC sealing with NTLM authentication. It is very urgent for my company.

hierynomus commented 1 year ago

@brijesh-dobariya Could you try out the code from PR #772? I think this fixes the issue.

brijesh-dobariya commented 1 year ago

Thanks @hierynomus for the update. I'll try out this code and let you know. Has your team tested with Microsoft 13 June 2023 security patch?

hierynomus commented 1 year ago

Did you manage to test it out?

Nobody has tested it out with the patch, because:

  1. I'm alone, there's no team
  2. I'm not paid, so I have only spare time, any sponsorship is welcome.
brijesh-dobariya commented 1 year ago

@hierynomus still we haven't tested with the patch on 11th July, but will plan for the same. I'll let you know once tested.

brijesh-dobariya commented 1 year ago

@hierynomus We have tested NTLM with RPC Sealing with the Microsoft Security Patch released on July 11th, and it's working fine. Thanks for providing NTLM with RPC Sealing.