RootDSE netlogon attribute NtVer values?
Dave Daugherty
dave.daugherty at centrify.com
Mon Oct 15 02:06:05 GMT 2007
Michael B Allen
Sent: Friday, October 12, 2007 6:30 PM
Subject: Re: RootDSE netlogon attribute NtVer values?
On 10/12/07, Andrew Bartlett <abartlet at samba.org> wrote:
>
> On Fri, 2007-10-12 at 18:27 -0400, Michael B Allen wrote:
> > Hi,
> >
> > Hope you don't mind a protocol question but ...
> >
> > Regarding the cldap query for the netlogon attribute of the RootDSE,
> > I'm trying to find a value for the NtVer filter parameter that works
> > with both Windows 2003 and Windows 2000. I've been using
\06\00\00\02
> > like:
> >
> > (&(DnsDomain=W.NET)(NtVer=\06\00\00\02))
> >
> > simply because that is what I observed from XP but apparently
Windows
> > 2000 SP4 doesn't return a match for this at all. Or perhaps the
> > problem is that I used regular ldap and not cldap?
>
> CLDAP queries that include the netlogon attribute are not normal LDAP
> filters in any sense. They are just queries with a few name-value
pairs
> included (the | and & are ignored), that expect sort-of-ldap like
> responses.
\06\00\00\00 works for both Win2k and Win2k3, unless the following
registry value is set on the servers
HKLM/System/CurrentControlSet/Services/NetLogon/Parameters/NT4Emulator
Then you must use \06\00\00\01 - maybe some others would work too...
Dave Daugherty
More information about the samba-technical
mailing list