Connecting to OPC Server using NTLMv2


Mike Bikoulis

May 19, 2020, 4:23:58 PM
to openSCADA
Hello,

We recently installed our software on a customer's server which only allows NTLMv2. We immediately faced issues because the org.openscada.opc.lib.da.Server class that we use does not enable NTLMv2, so we got connection failures when our application tried to connect to the OPC Server. We are using org.openscada.utgard 1.5.0.

We modified the org.openscada.opc.lib.da.Server class to enable NTLMv2 and sessionSecurity, and our application successfully connects to the OPC Server now.

Unfortunately, after some minutes of operation we start to get the following exception now and then:

2020-05-17 14:27:26,755 INFO [Timer-5] org.jinterop.dcom.core.JIComOxidRuntime - Running ClientPingTimerTask !
2020-05-17 14:27:26,787 INFO [Timer-5] org.jinterop.dcom.core.JIComOxidRuntime - Within ClientPingTimerTask: holder.currentSetOIDs, current size of which is 3
2020-05-17 14:27:26,787 INFO [Timer-5] org.jinterop.dcom.core.PingObject - Complex Ping going for the first time, will get the setId as response of this call
2020-05-17 14:27:26,787 INFO [Timer-5] org.jinterop.dcom.core.PingObject - Complex ping going : listOfAdds -> Size : 3 , [{ IPID ref count is 3 } and OID in bytes[] 00000: ED D1 64 86 B0 C2 0B 3D |íÑd.°Â.= | , hasExpired false } , { IPID ref count is 3 } and OID in bytes[] 00000: 1F 28 6F 02 7E C0 0F 7E |.(o.~À.~ | , hasExpired false } , { IPID ref count is 2 } and OID in bytes[] 00000: 8C 53 9C D9 59 1A 26 AE |.S.ÙY.&® | , hasExpired false } ]
2020-05-17 14:27:26,787 INFO [Timer-5] org.jinterop.dcom.core.PingObject - listOfDels -> Size : 0 , []
2020-05-17 14:27:26,802 WARN [Timer-5] org.jinterop.dcom.core.JIComOxidStub - call
rpc.FaultException: Received fault. (unknown)
    at rpc.ConnectionOrientedEndpoint.call(ConnectionOrientedEndpoint.java:147)
    at rpc.Stub.call(Stub.java:134)
    at org.jinterop.dcom.core.JIComOxidStub.call(JIComOxidStub.java:100)
    at org.jinterop.dcom.core.JIComOxidRuntime$ClientPingTimerTask.run(JIComOxidRuntime.java:309)
    at java.util.TimerThread.mainLoop(Timer.java:555)
    at java.util.TimerThread.run(Timer.java:505)

We looked at the Windows Security Log in the Event Viewer and we see that when we get the above exception, we get a "failure to logon", Event ID 4625, "Unknown username or bad password", "Authentication Package NTLM".

This does not make sense since we are already connected to the OPC Server when we get this error. Why does the ClientPingTimerTask fail in this way?

Regards,

Mike

Mike Bikoulis

May 27, 2020, 3:09:31 AM
to openSCADA
Hello again,

We managed to fix the problem by modifying the class org.jinterop.dcom.core.JIComOxidStub and setting the field "defaults" to NTLMv2 properties.

Cheers,

Mike

A. Corral

Dec 1, 2020, 10:09:50 PM
to openSCADA
Hello, 

First of all, thank you for the information.
I have two questions:
- Where is the source code of 1.5 available?
- Mike, is your NTLMv2 available on any public repo?

Regards,

Mike Bikoulis

Dec 5, 2020, 5:39:12 AM
to open...@googlegroups.com
Hello,

> - Where is the source code of 1.5 available?

We fetch the utgard resources from the public maven repository
https://mvnrepository.com/artifact/org.openscada.utgard

> - Mike, is your NTLMv2 available on any public repo?

No, unfortunately it is not, but as the thread describes, the changes
are very small, just making sure the ntlmv2 properties are hardcoded
to true.

Regards,

Mike

A. Corral

Dec 7, 2020, 12:44:19 PM
to open...@googlegroups.com
Ok. Thank you.
