Re: LDAP Behavior



There are various RPC protocols that some Windows APIs use that access the
directory and there is also Kerberos for authentication. It is possible
that the MMC used some of these APIs. A pure LDAP tool like ldp.exe should
generate almost all LDAP traffic and it should look like standard LDAP to a
sniffer.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Ravi Padmakar" <ravlinxer@xxxxxxxxx> wrote in message
news:1194623710.871885.195740@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Yeah, I was just thinking along the same lines. I think I was using
something like a Management Interface to AD to edit the directory, and
hence a different protocol gets used, right? The port used is UDP
137 (NBNS). What other protocols are you referring to here?

Thanks.


On Nov 8, 11:21 pm, "Joe Kaplan"
<joseph.e.kap...@xxxxxxxxxxxxxxxxxxxxxxxx> wrote:
How are you accessing AD when you generate this traffic? AD LDAP is
normal LDAP, but there are many other interfaces to AD that use different
protocols. Was the traffic you saw on port 389?

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Ravi Padmakar" <ravlin...@xxxxxxxxx> wrote in message
news:1194564315.099140.148060@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Hey,
I am trying to find some info on LDAP behavior (using Active
Directory). And I see on an Ethereal capture that when I access an AD
server on the same system it seems to use NBNS/NBIPX (this is not in
ASN.1), whereas when I access an external server it uses the LDAP
protocol, i.e. all messages are in ASN.1 BER.

Could you please tell me if I am missing something here. Because this
seems weird behavior to me.

Thank You,
Ravi Veparala
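
Added example (not part of the thread above): a minimal check of whether a captured payload begins with a BER-encoded LDAPMessage, which is what "standard LDAP to a sniffer" means on the wire. The function names and the sample payloads are constructed for illustration; the operation tags are those of RFC 4511.

```python
# Added example: hypothetical helpers, constructed sample payloads.
# LDAPMessage ::= SEQUENCE { messageID INTEGER, protocolOp [APPLICATION n] ... }
LDAP_OPS = {0: "bindRequest", 1: "bindResponse", 2: "unbindRequest",
            3: "searchRequest", 4: "searchResEntry", 5: "searchResDone",
            6: "modifyRequest", 7: "modifyResponse", 8: "addRequest",
            9: "addResponse", 10: "delRequest", 11: "delResponse",
            12: "modDNRequest", 13: "modDNResponse", 14: "compareRequest",
            15: "compareResponse", 16: "abandonRequest", 19: "searchResRef",
            23: "extendedReq", 24: "extendedResp", 25: "intermediateResponse"}

def read_len(buf, i):
    """Return (length, next_index) for a BER definite length at buf[i]."""
    first = buf[i]
    if first < 0x80:                      # short form: one byte
        return first, i + 1
    n = first & 0x7F                      # long form: n length bytes follow
    if n == 0 or n > 4 or i + 1 + n > len(buf):
        raise ValueError("unsupported or truncated BER length")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def classify(payload):
    """Return the LDAP operation name, or None if this is not an LDAPMessage."""
    try:
        if payload[0] != 0x30:            # universal SEQUENCE
            return None
        _, i = read_len(payload, 1)
        if payload[i] != 0x02:            # messageID must be an INTEGER
            return None
        id_len, i = read_len(payload, i + 1)
        if not 1 <= id_len <= 4:          # messageID is at most 2^31 - 1
            return None
        tag = payload[i + id_len]
        if tag & 0xC0 != 0x40:            # protocolOp uses APPLICATION class
            return None
        return LDAP_OPS.get(tag & 0x1F)
    except (IndexError, ValueError):
        return None

# Constructed samples: anonymous simple bind (short and long length forms),
# an unbind, and an NBNS query whose transaction ID happens to start with 0x30.
BIND = bytes.fromhex("300c020101600702010304008000")
BIND_LONG = bytes.fromhex("3084000000100201016084000000070201030400" "8000")
UNBIND = bytes.fromhex("3005020102" "4200")
NBNS = (bytes.fromhex("301001100001000000000000" "20") + b"CK" + b"A" * 30
        + bytes.fromhex("0000200001"))

if __name__ == "__main__":
    for name, p in [("BIND", BIND), ("BIND_LONG", BIND_LONG),
                    ("UNBIND", UNBIND), ("NBNS", NBNS)]:
        print(name, classify(p))
```

This looks only at the outer header of the first message in a payload; a session protected by TLS or SASL sealing will not match.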