LDAP: Difference between revisions
(OSI) |
No edit summary |
||
(3 intermediate revisions by the same user not shown) | |||
Line 37: | Line 37: | ||
RFC4524 COSINE LDAP/X.500 Schema | RFC4524 COSINE LDAP/X.500 Schema | ||
Kurt D Zeilenga | Kurt D Zeilenga, LDAP RFC author and creator of OpenLDAP | ||
https://www.openldap.org/ | |||
https://www.zytrax.com/books/ldap/ | https://www.zytrax.com/books/ldap/ | ||
Line 50: | Line 50: | ||
RootDSE | RootDSE | ||
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -s base -b "" (objectclass=*) | |||
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -s base -b "" objectclass="*" namingContexts | |||
objectClass=top | objectClass=top | ||
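Review bot: in the first added ldapsearch line the filter (objectclass=*) is unquoted, so a POSIX shell parses the parentheses itself and the command fails before ldapsearch runs. Quote the filter as "(objectclass=*)". The two added commands also differ only in the requested attribute (namingContexts), so a short label on each saying what it is meant to return would help.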
Line 59: | Line 62: | ||
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config olcLogLevel | ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config olcLogLevel | ||
=== Active Directory === | |||
autorid / rid => rfc2307 unix profile in ldap | autorid / rid => rfc2307 unix profile in ldap | ||
Line 65: | Line 70: | ||
With the LDAP bind operation, or password hash comparison | With the LDAP bind operation, or password hash comparison | ||
Active Directory (Microsoft Schema) | Active Directory (Microsoft Schema) | ||
https://learn.microsoft.com/en-us/openspecs/windows_protocols/MS-WINPROTLP/e36c976a-6263-42a8-b119-7a3cc41ddd2a | |||
Microsoft Windows 2000, (and subsequent Server 2003, 2008, 2012, 2016, 2019, 2022, 2025) | Microsoft Windows 2000, (and subsequent Server 2003, 2008, 2012, 2016, 2019, 2022, 2025) | ||
Line 74: | Line 82: | ||
[https://www.youtube.com/playlist?list=PLLasX02E8BPD5vC2XHS_oHaMVmaeHHPLy Azure AD Authentication Fundamentals] | [https://www.youtube.com/playlist?list=PLLasX02E8BPD5vC2XHS_oHaMVmaeHHPLy Azure AD Authentication Fundamentals] | ||
echo %logonserver% | |||
nslookup -t srv _ldap._tcp.dc._msdcs.islief.com | nslookup -t srv _ldap._tcp.dc._msdcs.islief.com |
Latest revision as of 08:18, 11 February 2025
OSI Protocols
https://www.itu.int/itu-t/recommendations/rec.aspx?rec=X.500
X.500 1984 – 1994
http://sec.cs.kent.ac.uk/x500book/ by D W Chadwick (Weird and Wonderful, Paradise/Cosine)
ASN.1 Type Length Value
X.500 Directory Access Protocol
(famous for X.509v3)
IETF
RFC4510 Technical Specification Road Map
RFC4511 LDAP: Directory Information Models
RFC4512 The Protocol
RFC4513 Authentication Methods and Security Mechanisms
RFC4514 String Representation of Distinguished Names
RFC4515 String Representation of Search Filters
RFC4516 Uniform Resource Locator
RFC4517 Syntaxes and Matching Rules
RFC4518 Internationalized String Preparation
RFC4519 Schema for User Applications
RFC4524 COSINE LDAP/X.500 Schema
Kurt D Zeilenga, LDAP RFC author and creator of OpenLDAP
https://www.zytrax.com/books/ldap/
https://ldapwiki.com/wiki/RootDSE
Schema, object tree
namingContext
RootDSE
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -s base -b "" "(objectclass=*)"
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -s base -b "" objectclass="*" namingContexts
objectClass=top
ldapsearch -h hostname -b "" -s base "(objectclass=*)"
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
ldapmodify -Y EXTERNAL -H ldapi:/// -b cn=config -f loglevel.ldap
ldapmodify -Y EXTERNAL -H ldapi:/// -f loglevel.ldap
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config olcLogLevel
Active Directory
autorid / rid => rfc2307 unix profile in ldap
LDAP Authentication
With the LDAP bind operation, or password hash comparison
Active Directory (Microsoft Schema)
Microsoft Windows 2000 (and subsequent Server 2003, 2008, 2012, 2016, 2019, 2022, 2025)
Azure AD Authentication Fundamentals
echo %logonserver%
nslookup -t srv _ldap._tcp.dc._msdcs.islief.com
nslookup _msdcs.islief.com
nltest /dclist:ISLIEF
Import-Module ActiveDirectory
(Get-ADDomainController -DomainName islief.com -Discover -NextClosestSite).HostName
gpresult /v