Help interpreting wireshark traces
Lars Hanke
debian at lhanke.de
Sat Oct 25 15:22:52 EDT 2014
Is there a way to figure out what exactly SASL GSSAPI is trying to do
during an LDAP bind?
Background: I wrote a small Python program using python-ldap to maintain
some data in my AD. It used to work fine until I joined the machine to
the AD. Since then I see
ldap.OPERATIONS_ERROR: {'info': '00002020: Operation unavailable without
authentication', 'desc': 'Operations error'}
Using ldap-tools with -Y GSSAPI I can still access and modify everything.
In Wireshark however I just see entries like
LDAPMessage bindRequest(2) "<ROOT>" sasl
for both the granted and denied situation. I also see Kerberos protocol
to fetch the service principal for the AD. I would like to know, which
principal it actually uses to bind to the LDAP.
Thanks for any hints,
- lars.
More information about the Kerberos
mailing list