RootDSE netlogon attribute NtVer values?

A. Dreyer / samba-tech-list ml10044 at
Sat Nov 3 15:23:05 GMT 2007

Luke Howard wrote:
> Michael B Allen wrote:
>> Yeah, I could tell from looking at the CLDAP draft that things didn't
>> quite match up. MS-CLDAP looks exactly like LDAP just over UDP whereas
>> CLDAP had another field (at least). Wasn't really sure what was going
>> on. I have renamed the Wiki page:
> From memory MS-CLDAP omits the enclosing SEQUENCE defined in RFC 1798.
> OpenLDAP supports both when compiled with -DLDAP_CONNECTIONLESS.
> -- Luke


Sorry for the hijacking this threat..
But I have a question from a completely unrelated perspective:

I had problems with a certain intermediate firewall always dropping the
Windows server replies for LDAP/udp as not being related to any incoming
request (which had been correctly forwarded by the same gateway). After
relaxing the UDP handling everything is working again but I'm looking
for an answer why the reply is blocked in the first place and an RFC
violation might be the reason - it seems the mentioned SEQUENCE is
mandatory in the RFC.

Has anyone else seen this behaviour before?


Achim Dreyer                 ||
Senior Unix & Network Admin  || RHCE, RHCA, CCNA, CCSA, CCSE
Internet Security Consultant || Phone: +44 7756948229

More information about the samba-technical mailing list