Differences between revisions 1 and 2
Revision 1 as of 2004-12-22 08:13:05
Size: 2017
Editor: p54875bbd
Comment: add LDAP protocol -- metze@samba.org
Revision 2 as of 2004-12-24 23:34:01
Size: 2051
Editor: UlfLamping
Comment: some editing
Deletions are marked like this. Additions are marked like this.
Line 34: Line 34:
TODO: - A complete list of LDAP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/LDAP/LDAP.html LDAP display filter reference]
A complete list of LDAP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/l/ldap.html LDAP display filter reference]
Line 37: Line 38:
 LDAP TODO... }}}  ldap }}}
Line 41: Line 42:
TODO: ... You cannot directly filter LDAP protocols while capturing.
Line 47: Line 48:
 * [http://www.mozilla.org/directory/standards.html Additional links can be found here: http://www.mozilla.org/directory/standards.html]  * Additional links can be found here: [http://www.mozilla.org/directory/standards.html http://www.mozilla.org/directory/standards.html]
Line 50: Line 51:

Lightweight Directory Access Protocol (LDAP)

The Lightweight Directory Access Protocol: The protocol accessing data from directory services like [http://www.openldap.org/ OpenLDAP], [http://www.microsoft.com/windowsserver2003/technologies/directory/activedirectory/default.mspx Microsoft Active Directory], [http://enterprise.netscape.com/ Netscape Directory Server] or [http://www.novell.com/products/edirectory/ Novell eDirectory].

History

LDAP was developed as simple access protocol for ["X.500"] databases.

Protocol dependencies

  • ["TCP"]/["UDP"]: Typically, LDAP uses ["TCP"] or ["UDP"] as its transport protocol. The well known TCP and UDP port for LDAP traffic is 389.
  • ["SSL"]/["TLS"]: LDAP can also be tunneled through ["SSL"]/["TLS"] encrypted connections. The wellknown TCP port for ["SSL"] is 636 while ["TLS"] is negotiated within a plain ["TCP"] connection on port 389.

Example traffic

TODO: - Add example traffic here (as plain text or Ethereal screenshot).

Ethereal

The LDAP dissector is (fully functional).

Preference Settings

TODO: - Add links to preference settings affecting how LDAP is dissected.

Example capture file

attachment:SampleCaptures/ldap-controls-dirsync-01.cap Sample LDAP PDU with DIRSYNC CONTROLS

attachment:SampleCaptures/ldap-krb5-sign-seal-01.cap Sample GSSAPI-KRB5 signed and sealed LDAP PDU

Display Filter

A complete list of LDAP display filter fields can be found in the [http://www.ethereal.com/docs/dfref/l/ldap.html LDAP display filter reference]

  • Show only the LDAP based traffic:

     ldap 

Capture Filter

You cannot directly filter LDAP protocols while capturing.

Discussion

LDAP (last edited 2013-05-30 16:06:57 by SakeBlok)