[Samba] BindDN and password for Active Directory

Andrew Morgan morgan at orst.edu
Thu Apr 26 16:46:00 GMT 2007


On Thu, 26 Apr 2007, Stellwag, Philippe wrote:

> Hello @ll,
>
> I have a general question about Active Directory (AD), not directly
> concerning samba, but I think the experts of this list know the answer.
>
> At my scope: I'm using a Windows XP PC which is logged on using
> Microsoft AD domain and Kerberos (normal procedure). I want to find out
> the BindDN and - if possible the appropriate password - for using it for
> a query with the Linux tool "ldapsearch". The problem is that I haven't
> an admin-access to AD-server.
>
> (1) Where are BindDN (and password) saved (e.g. Windows registry)?

If you can view your AD domain using the Active Directory Users and 
Computers MMC snap-in (you don't need admin access for this), then you can 
determine the DN of a user.  Find the user and the container (OU) it is 
located in.  The DN will be of the form:

cn=<username>,ou=<some_container>,dc=<domain>,dc=example,dc=com

> (2) Which encryption (e.g. none, SSL, TLS) is used by microsoft for the
> AD-queries (standard Windows login over an AD-domain)?

AD domain controllers listen on the standard LDAPS port (636) and will 
only accept binds on that port.  You cannot bind as a user on port 389.  I 
don't think they support TLS on port 389, but I have not tried in a long 
time.

> (3) Can I use Ethereal to grep this information? If the answer is
> "YES", what to do to force Windows to execute a login situation (e.g.
> program -> execute as ...)?

Windows AD clients will use Kerberos to authenticate, not LDAP, so you 
won't be able to capture the information you need that way.

 	Andy
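
Added example (not part of the original message): a Python sketch that assembles a bind DN of the form shown in the answer to (1) from a username, its OU path and the DNS domain name, applying RFC 4514 escaping so that a CN such as "Doe, Jane" does not break the DN. The function names and the sample values are assumptions made for illustration.

```python
# Characters RFC 4514 requires to be backslash-escaped inside an RDN value.
SPECIALS = '"+,;<>\\'

def escape_rdn_value(value):
    """Escape one attribute value for use inside a DN string."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in SPECIALS:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif ch == "#" and i == 0:
            out.append("\\#")            # leading '#' would mean hex-encoded value
        elif ch == " " and i in (0, last):
            out.append("\\ ")            # leading/trailing space is otherwise dropped
        else:
            out.append(ch)
    return "".join(out)

def build_bind_dn(username, containers, dns_domain):
    """containers: OU names, innermost first. dns_domain: e.g. corp.example.com"""
    labels = dns_domain.split(".")
    if not username or not all(labels):
        raise ValueError("username and every domain label must be non-empty")
    rdns = ["cn=" + escape_rdn_value(username)]
    rdns += ["ou=" + escape_rdn_value(ou) for ou in containers]
    rdns += ["dc=" + escape_rdn_value(label) for label in labels]
    return ",".join(rdns)

def split_dn(dn):
    """Split a DN on unescaped commas (a plain dn.split(',') gets this wrong)."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])      # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur))
    return parts

if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    dn = build_bind_dn("Doe, Jane", ["Staff", "People"], "corp.example.com")
    print(dn)
    print(split_dn(dn))
```

The resulting string is what would be passed as the bind DN to ldapsearch (its -D option).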

