|
Exactly. Since I can't find documentation on this anywhere,
I feel it should firmly go into the classification of BUG.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, March 25, 2005 1:16 PM To: [email protected] Subject: RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Question was LDAPS part 2 That is exactly what I
saw as well. Using the IP address kills off the ability to use Kerberos,
forcing SNEGO to NTLM, and then the whole connection is encrypted after that
even though I did not specific LDAP_OPT_ENCRYPT. Joe
K. From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe I can do better for
you... Fire up ethereal with a
capture filter of tcp port 389 Open
LDP o type in a DC name and
click OK o Type in your bind
info and bind o Click on view|tree
and hit enter on the empty dialog (you can fill something in if you want but not
necessary) Look at the trace, you
should note that the traffic on the tree view is all clear
text Now do the same but use
an IP address of the DC. Traffic should be all
encoded/encrypted. This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. |
Title: Message
- RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Questi... joe
- RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Q... Rick Kingslan
- RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Q... Eric Fleischman
- RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Q... Eric Fleischman
- RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Q... Eric Fleischman
- RE: [ActiveDir] LDAP NTLM Authed Channel Encryption Q... joseph.e.kaplan
