LDAPS records aren't published by DCs, only LDAP records. I can assure you
if it were that easy, David wouldn't have had an issue. From what I have
seen, if a secure LDAP connection is required, the internal routines from
MSFT simply locate a DC and go to the port. If LDAPS isn't hot, the
connection is dropped with a server down error.


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm 
 


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, October 05, 2006 6:28 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Discovering LDAPS availability

Couldn't you just query the DNS for the SRV record advertising it...

Matt Duguid
Systems Engineer for Identity Services
Department of Internal Affairs

Phone: +64 4 4748028 (wellington)
Mobile: +64 21 1713290
Fax: +64 4 4748894
Address: Level 4, 47 Boulcott Street, Wellington CBD
E-mail: [EMAIL PROTECTED]
Web: http://www.dia.govt.nz/



David Loder <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]tivedir.org
06/10/2006 08:56 a.m.
Please respond to ActiveDir

To:      ActiveDir@mail.activedir.org
cc:
Subject: [ActiveDir] Discovering LDAPS availability


Other than directly testing the 636 port on each DC,
can anyone suggest a method for an unprivileged client
to discover whether or not LDAPS should be available
on a specific DC?

List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
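
Added example, not part of the original thread or anyone's code on the list: because DCs publish only LDAP SRV records, the direct test discussed above can be done by attempting a TLS handshake on port 636 of each DC, which separates "port closed" from "port answers but TLS does not come up". The DC list is assumed to come from the existing LDAP SRV lookup; `probe_ldaps`, `survey` and the host names are hypothetical.

```python
import socket
import ssl


def probe_ldaps(host, port=636, timeout=3.0):
    """Classify one DC as 'closed', 'no-tls' or 'tls-ok'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"  # refused, filtered, timed out or unresolvable

    # Availability check only: the certificate is deliberately not
    # validated here. A real LDAPS client must verify chain and name.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "tls-ok"  # handshake completed, LDAPS is live
    except OSError:  # ssl.SSLError and timeouts are OSError subclasses
        return "no-tls"  # TCP accepted, but no usable TLS endpoint
    finally:
        sock.close()


def survey(dcs, probe=probe_ldaps):
    """Probe every DC name and return {name: status}."""
    return {dc: probe(dc) for dc in dcs}


if __name__ == "__main__":
    # Constructed sample names; replace with the DCs returned by the
    # LDAP SRV lookup for the domain.
    for dc, status in survey(["dc1.example.test", "dc2.example.test"]).items():
        print(f"{dc}: {status}")
```

No credentials or bind are needed, so this works from an unprivileged client.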