Title: Message
I can do better for you...
 
Fire up ethereal with a capture filter of tcp port 389
 
Open LDP
 
o Type in a DC name and click OK
o Type in your bind info and bind
o Click on view|tree and hit enter on the empty dialog (you can fill something in if you want but not necessary)
 
Look at the trace; you should note that the traffic on the tree view is all clear text.
 
Now do the same but use an IP address of the DC.
 
Traffic should be all encoded/encrypted.
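
The comparison described above can also be made mechanically on the payloads captured on TCP port 389. The following Python sketch is an added example, not part of the original message: it tells a clear LDAPMessage (a BER SEQUENCE whose first element is the messageID INTEGER) from a buffer carried inside a SASL security layer (4-byte big-endian length prefix). The sample bytes and the function names are constructed for illustration, and a "sasl-wrapped" result shows only that the layer is in use, not whether it is sealing or merely signing.

```python
import struct
from collections import Counter

def ber_length(buf, off):
    """Decode a BER length at buf[off]; return (length, next_offset) or None."""
    if off >= len(buf):
        return None
    first = buf[off]
    if first < 0x80:                      # short form
        return first, off + 1
    n = first & 0x7F                      # long form: n length octets follow
    if n == 0 or n > 4 or off + 1 + n > len(buf):
        return None
    return int.from_bytes(buf[off + 1:off + 1 + n], "big"), off + 1 + n

def classify(payload):
    """Classify the start of one TCP payload captured on port 389."""
    if not payload:
        return "empty"
    # Clear LDAP: LDAPMessage ::= SEQUENCE { messageID INTEGER, protocolOp ... }
    if payload[0] == 0x30:
        hdr = ber_length(payload, 1)
        if hdr and hdr[1] < len(payload) and payload[hdr[1]] == 0x02:
            return "cleartext-ldap"
    # SASL security layer: 4-byte big-endian length, then opaque wrapped data
    if len(payload) > 4:
        (n,) = struct.unpack(">I", payload[:4])
        if 0 < n <= 0x00FFFFFF:
            return "sasl-wrapped"
    return "unknown"

def summarize(payloads):
    """Count classifications across a list of payloads from one connection."""
    return Counter(classify(p) for p in payloads)

# Constructed samples (not taken from a real capture).
# A minimal searchRequest: base "", scope base, filter (objectClass=*).
CLEAR_SEARCH = (bytes.fromhex("3025020102632004000a01000a0100020100020100010100870b")
                + b"objectClass" + bytes.fromhex("3000"))
# The same message using a 4-octet long-form BER length (0x84).
CLEAR_LONGFORM = bytes.fromhex("308400000025") + CLEAR_SEARCH[2:]
# Length prefix plus constructed opaque bytes standing in for wrapped data.
WRAPPED = struct.pack(">I", 60) + bytes((i * 37 + 11) % 256 for i in range(60))

if __name__ == "__main__":
    for name, p in [("clear run", [CLEAR_SEARCH, CLEAR_LONGFORM]), ("wrapped run", [WRAPPED])]:
        print(name, dict(summarize(p)))
```
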
 
 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman
Sent: Thursday, March 24, 2005 11:21 AM
To: [email protected]
Subject: RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Question was LDAPS part 2

Two questions:

1) Can I see the line(s) of code that does(do) the bind?

2) What is the timestamp and version number on the wldap32.dll that you’re calling?

 

With that I can probably track it down.

 

Thanks!

~Eric

 

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, March 24, 2005 7:39 AM
To: [email protected]
Subject: RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Question was LDAPS part 2

 

That is exactly what I was thinking. I bounced it off Eric but he hasn't had a chance to look at it yet.

 

  joe

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, March 24, 2005 10:13 AM
To: [email protected]
Subject: RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Question was LDAPS part 2

Doesn’t that smell like a bug or something?  This doesn’t seem to be the documented behavior.

 

Eric? :)

 

We could bounce this off the SDK team too as they are responsible for the code.

 

Joe K.

 


From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday, March 23, 2005 9:29 PM
To: [email protected]
Subject: RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Question was LDAPS part 2

 

No encrypt specified, in fact I can specifically set it to off (0) and it still encrypts. I cannot get it to do anything clear text once it hits and succeeds the SASL NTLM bind.

 

  joe
