DAP

Directory Access Protocol (DAP)

The Directory Access Protocol (DAP) is used by Directory User Agemts (DUAs) to retrieve information from a Directory System Agent (DSA). The information in the DSA is stored in entries in a hierarchical form, with each entry containing attributes that are specific to one of more object classes. DAP allows a client to list, search, add, delete, modify and rename the entries within the DSA.

If a DSA does not hold the information being searched for, it may chain the DAP operation to another DSA using DSP.

History

Protocol dependencies

Example traffic

XXX - Add example traffic here (as plain text or Wireshark screenshot).

Wireshark

The DAP dissector is fully functional, including support for signed operations.

From the source file packet-dap.c (fodder for Wiki searches)

/* packet-dap.c
 * Routines for X.511 (X.500 Directory Asbtract Service) and X.519 DAP  packet dissection
 * Graeme Lunt 2005
/* we don't have a separate dissector for X519 -
   most of DAP is defined in X511 */
#define PNAME  "X.519 Directory Access Protocol"

Preference Settings

There is a single preference field for the DAP dissector, the DAP TCP Port - the port to which DAP associations are made. The default value is 102.

NOTE: moved in 31205360 : "Have TPKT support a TCP port range preference instead of having "subdissectors?" register their own." 210701_dap_preferences

Example capture file

To be provided.

Attached to issue #5507 (closed) : "X.519 - BER: Dissector for OID:1.3.12.2.1011.5.4.1.1 and OID:1.3.12.2.1011.5.4.1.2 not implemented. Contact Wireshark developers if you want this supported"

TSTI11_DSA.TRC: example trace file highlighting the missing dissector

Display Filter

A complete list of DAP display filter fields can be found in the display filter reference

Show only the DAP based traffic:

 dap

Capture Filter

You cannot directly filter DAP protocols while capturing. However, if you know the TCP port used (see above), you can filter on that one.

Capture only the DAP traffic over a non-standard port (19970):

 tcp port 19970 

External links

Discussion


Imported from https://wiki.wireshark.org/DAP on 2020-08-11 23:12:26 UTC