CLDAP-style NetLogon query over TCP

Benjamin Franzke benjaminfranzke at googlemail.com
Fri Oct 18 06:55:16 MDT 2013


Hi list,

I would like to know whether netlogon queries over TCP are currently
possible with samba 4?
According to the wireshark wiki[1] that is supported as of win 2k3 server.

The automatic client join&configuration daemon realmd makes use of that
feature (it checks whether the server reports win2k3+) and currently returns:
    ! Received invalid or unsupported Netlogon data from server

I tried to reproduce realmd's behaviour with ldapsearch:
ldapsearch -h dc -x -b '' -s base "(&(NtVer=\06\00\00\00)(AAC=\00\00\00\00))" NetLogon

This returns zero results when "dc" is a samba 4 server. (That's why the
error invalid)
But with a windows 2k8 server I got a netlogon result:
dn:
netlogon:: [....]

I found no tcp initialization in the cldap server code[2], or any hooks in
ldap_server that call into cldap_request. Am I overlooking something?
(I'm asking since metze said on irc: 13:55 < metze> bnf: samba4 should also
support it over tcp)

Is it planned to add this to samba or should realmd be fixed to always use
udp for cldap-style netlogon queries? (though I guess, since AD does this,
samba more or less has to support it..)

Thanks, Ben

[1] http://wiki.wireshark.org/MS-CLDAP?action=recall&rev=8
[2] http://gitweb.samba.org/?p=samba.git;a=blob;f=libcli/cldap/cldap.c;h=24ce39fefb61567be5adb5d169fde946c2dfb1a2;hb=HEAD#l319
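
Added example, not part of the original post and not realmd or Samba code: the LDAP searchRequest that the ldapsearch call above puts on the wire, built by hand in BER, plus a check that tells a reply carrying a searchResEntry (the Windows 2k8 case) from one carrying only searchResDone (the zero-results case). The same LDAPMessage bytes are what CLDAP sends in a UDP datagram; all function names are this example's own.

```python
import struct

def tlv(tag: int, value: bytes) -> bytes:
    """BER tag-length-value with definite length."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + value

def ber_int(tag: int, n: int) -> bytes:
    """INTEGER (0x02) or ENUMERATED (0x0A); non-negative values only."""
    return tlv(tag, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def equality(attr: bytes, value: bytes) -> bytes:
    """equalityMatch [3] filter item: attribute description + raw value."""
    return tlv(0xA3, tlv(0x04, attr) + tlv(0x04, value))

def netlogon_search(msg_id: int = 1, ntver: int = 6) -> bytes:
    """searchRequest matching the ldapsearch call: base '', scope base."""
    flt = tlv(0xA0, equality(b"NtVer", struct.pack("<I", ntver))
                    + equality(b"AAC", bytes(4)))
    body = (tlv(0x04, b"")                         # baseObject: rootDSE
            + ber_int(0x0A, 0) + ber_int(0x0A, 0)  # scope base, deref never
            + ber_int(0x02, 0) + ber_int(0x02, 0)  # no size or time limit
            + tlv(0x01, b"\x00")                   # typesOnly FALSE
            + flt
            + tlv(0x30, tlv(0x04, b"NetLogon")))   # requested attribute
    return tlv(0x30, ber_int(0x02, msg_id) + tlv(0x63, body))

def read_tlv(buf: bytes, off: int):
    """Return (tag, value, next offset) for the element at off."""
    tag, n, off = buf[off], buf[off + 1], off + 2
    if n & 0x80:
        k = n & 0x7F
        n, off = int.from_bytes(buf[off:off + k], "big"), off + k
    return tag, buf[off:off + n], off + n

def reply_ops(stream: bytes) -> list:
    """protocolOp tag of each LDAPMessage in a reply buffer."""
    ops, off = [], 0
    while off < len(stream):
        _, msg, off = read_tlv(stream, off)
        _, _, op_at = read_tlv(msg, 0)   # skip messageID
        ops.append(msg[op_at])
    return ops

def has_netlogon_entry(stream: bytes) -> bool:
    """True if a searchResEntry (0x64) is present, not only searchResDone."""
    return 0x64 in reply_ops(stream)
```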

