Thanks Shawn, I was going to ask that. But I got wireshark working. Below is
the packet I'm assuming we want to see. In concept it looks correct, but i'm
not sure what the controlValue is suppose to be on the wire.
Frame 9: 295 bytes on wire (2360 bits), 295 bytes captured (2360 bits) on
interface 0
Ethernet II, Src: PcsCompu_f5:e8:94 (08:00:27:f5:e8:94), Dst: PcsCompu_4b:a3:17
(08:00:27:4b:a3:17)
Internet Protocol Version 4, Src: 192.168.33.10, Dst: 192.168.33.11
Transmission Control Protocol, Src Port: 44766, Dst Port: 389, Seq: 45, Ack:
46, Len: 229
Lightweight Directory Access Protocol
LDAPMessage modifyRequest(7)
"cn=model_ouadmin,ou=PSU-OU-Admin-Accounts,ou=PSU-AD-OU-Administration,ou=PSU-AD-Administration,dc=develop,dc=local"
messageID: 7
protocolOp: modifyRequest (6)
modifyRequest
object:
cn=model_ouadmin,ou=PSU-OU-Admin-Accounts,ou=PSU-AD-OU-Administration,ou=PSU-AD-Administration,dc=develop,dc=local
modification: 1 item
[Response In: 10]
controls: 1 item
Control
controlType: 1.2.840.113556.1.4.2239 (ISO assigned OIDs,
USA.113556.1.4.2239)
criticality: True
controlValue: 3003020101
Thanks.
Craig Benner
----- Original Message -----
From: "Shawn McKinney" <[email protected]>
To: "api" <[email protected]>
Sent: Friday, September 8, 2017 9:58:56 AM
Subject: Re: Ldap API Custom Controls
> On Sep 7, 2017, at 8:41 PM, CRAIG BENNER <[email protected]> wrote:
>
> It will take some changes to get a wireshark capture, since Password's can
> only be managed over a secure connection. Hopefully tomorrow I can get you
> the wireshark capture
Wonder if it would be easier to just enable the API logger containing the BER
request/response traces? That’s typically how I debug. Saves the trouble of
setting up wireshark.
<category name="org.apache.directory.api" class="org.apache.log4j.Logger"
additivity="false">
<priority value="DEBUG" class="org.apache.log4j.Level"/>
<appender-ref ref="file"/>
</category>
