Unable to access map points with NTLM auth after installing MS15-027 on domain controller

Version 1

    Verified Product Versions

    File Director 3.6File Director 3.5File Director 3.0File Director 2.0File Director 4.0


    Map point shows as offline, although can be added via the admin console.

    Appliance diagnostic logs (orca_out*.log) show invalid credential messages similar to the following:

    jcifs.smb.SmbAuthException: Logon failure: unknown user name or bad password.

    at jcifs.smb.SmbTransport.checkStatus(SmbTransport.java:567)

    at jcifs.smb.SmbTransport.send(SmbTransport.java:691)

    at jcifs.smb.SmbSession.sessionSetup(SmbSession.java:395)

    at jcifs.smb.SmbSession.send(SmbSession.java:224)

    at jcifs.smb.SmbTree.treeConnect(SmbTree.java:199)

    at jcifs.smb.SmbFile.doConnect(SmbFile.java:955)

    at jcifs.smb.SmbFile.connect(SmbFile.java:998)

    at jcifs.smb.SmbFile.connect0(SmbFile.java:924)

    at jcifs.smb.SmbFile.open0(SmbFile.java:1014)

    at jcifs.smb.SmbFile.createNewFile(SmbFile.java:2610)


    at jcifs.JCIFS.main(JCIFS.java:29)

    A TCP Dump / Network trace show messages similar to the following:


    2833216.432939132.229.26.17132.229.18.56SMB206Session Setup AndX Request, NTLMSSP_NEGOTIATE


    2833916.433992132.229.18.56132.229.26.17SMB294Session Setup AndX Response, NTLMSSP_CHALLENGE, Error: STATUS_MORE_PROCESSING_REQUIRED


    2834116.434302132.229.26.17132.229.18.56SMB422Session Setup AndX Request, NTLMSSP_AUTH, User: Domain\User


    2835616.437742132.229.18.56132.229.26.17SMB109Session Setup AndX Response, Error: STATUS_LOGON_FAILURE


    This can be caused by the following update MS15-027 where the back end resides on certain SAN types. For more details see https://support.microsoft.com/en-us/kb/3002657

    This prevents NTLM authentication (as used by DataNow) from working correctly

    If the storage is configured for Kerberos authentication, DataNow 4 can be configured to use this via the admin console.