-
From: joe [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Tuesday, October 10, 2006 10:45 PM
Subject: RE: [ActiveDir] Discovering LDAPS availability
Hmm doesn't look like anyone else has figured this out or just doesn't
deploy LDAPS or alternately makes sure every DC is capable
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Discovering LDAPS availability
The project that I'm working on makes heavy use of LDAPS. However, at the
moment, we favour the latter statement - the built DCs don't leave staging
until the certs are pulled. They must be signed off
@mail.activedir.org
Subject: RE: [ActiveDir] Discovering LDAPS availability
The alternate solution I previously mentioned to David and his cohorts
in
crime was a distasteful but functional solution of writing their own
service
or script to register the records based on that script/service querying
the
DCs
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Discovering LDAPS availability
In this context, would it make sense to write/use a servicePrincipalName
value? (maybe even using admod/adfind 8-) )
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
PROTECTED] On Behalf Of David Loder
Sent: Friday, October 06, 2006 8:51 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Discovering LDAPS availability
joe's absolutely right. What's trying to be
accomplished is to publish new LDAPS SRV records for a
300+ DC environment. But I don't want
PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Discovering LDAPS
availability
Couldn't you just query the DNS for the SRV record
advertising it...
Matt Duguid
Systems Engineer for Identity Services
Department of Internal Affairs
Phone: +64 4 4748028 (wellington)
Mobile
Other than directly testing the 636 port on each DC,
can anyone suggest a method for an unprivledged client
to discover whether or not LDAPS should be available
on a specific DC?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam
whether it supports LDAPS or not (at least nothing that I've every
heard of...).
Joe K.
- Original Message -
From: David Loder [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, October 05, 2006 2:56 PM
Subject: [ActiveDir] Discovering LDAPS availability
Other than
@mail.activedir.org
Subject: Re: [ActiveDir] Discovering LDAPS availability
Couldn't you just query the DNS for the SRV record advertising it...
Matt Duguid
Systems Engineer for Identity Services
Department of Internal Affairs
Phone: +64 4 4748028 (wellington)
Mobile: +64 21 1713290
Fax: +64 4 4748894