LDAPS being redirected to 389

Posted by Ikkoras on Server Fault See other posts from Server Fault or by Ikkoras
Published on 2012-07-31T14:32:19Z Indexed on 2014/08/24 16:22 UTC
Read the original article Hit count: 182

Filed under:
|
|

We're trying to perform an LDAPS bind to a server which blocks 389 with a firewall so all traffic must travel over 636.

In our test lab we're connecting to a test ldap (located on the same server) which does not have this firewall so both ports are exposed. Running ldp.exe on the test server we generate the trace below which seems to suggest that it is successfully binding over 636. However if we monitor the traffic with wireshark all the traffic is being sent to 389 with no attempt to even contact 636.

Other tools will bind only with SSL on 636 or without SSL on 389 whjich seems to suggest it is behaving correctly but Wireshark shows 389.

Only the test server we are using RawCap to capture the local loopback traffic.

Any ideas?

0x0 = ldap_unbind(ld);
ld = ldap_sslinit("WIN-GF49504Q77T.test.com", 636, 1);
Error 0 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 0 = ldap_connect(hLdap, NULL);
Error 0 = ldap_get_option(hLdap,LDAP_OPT_SSL,(void*)&lv);
Host supports SSL, SSL cipher strength = 128 bits
Established connection to WIN-GF49504Q77T.test.com.
Retrieving base DSA information...
Getting 1 entries:
Dn: (RootDSE)

© Server Fault or respective owner

Related posts about windows-server-2008

Related posts about ssl