Retrieving AD account password using jCIFS

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Retrieving AD account password using jCIFS

Ghouse, Sherjeel
Retrieving AD account password using jCIFS

We have a business requirement to delegate the Windows credentials from AD domain to Unix Server. I know kerberos is an option, but we are using apache FTP library to retrieve the Files from Unix File Server. Apache FTP API is limited to sending username and password and not a kerberos ticket. I was wondering if JCIFS provides a mechanism to retrieve User password from domain and can be used to authenticate to Unix File Server. Any thoughts on this will be greatly appreciated.

Thanks
Sherjeel Ghouse


CONFIDENTIALITY NOTICE: This message (including any attachments) may contain Molex confidential information, protected by law. If this message is confidential, forwarding it to individuals, other than those with a need to know, without the permission of the sender, is prohibited.

This message is also intended for a specific individual. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message or taking of any action based upon it, is strictly prohibited.

Chinese Japanese

www.molex.com/confidentiality.html
Reply | Threaded
Open this post in threaded view
|

Re: Retrieving AD account password using jCIFS

Michael B Allen-4
On Tue, 7 Mar 2006 14:19:08 -0600
"Ghouse, Sherjeel" <[hidden email]> wrote:

> We have a business requirement to delegate the Windows credentials from
> AD domain to Unix Server. I know kerberos is an option, but we are using
> apache FTP library to retrieve the Files from Unix File Server. Apache
> FTP API is limited to sending username and password and not a kerberos
> ticket. I was wondering if JCIFS provides a mechanism to retrieve User
> password from domain and can be used to authenticate to Unix File
> Server. Any thoughts on this will be greatly appreciated.

No. That's not possible. Cleartext passwords are virtually never
transmitted over a network.

Mike