Yes, that document is the only one i am aware of that describes the
CLDAP protocol.
There are some small errors in that document though but the ethereal
dissector should be ok.
It would be great if CLDAP was ASN2ETHified and still remain part of
the normal LDAP dissector.
In particular, the ntVer as part of the filter for the netlogon rpc is
not a string and all four bytes should be displayed. It should not
abort displaying the field just because there is a nul character there
"terminating the string".
It is usually 4 characters 0x06 0x00 0x00 0x00 but other varients do
exist with a different value in the last octet.
The behaviour of CLDAP rpc does differ depending on the version here
and ethereal currently only displays the first octet since it is a
"string" and the second one is 0x00.
On 12/6/05, Guy Harris <gharris@xxxxxxxxx> wrote:
> Richard Sharpe wrote:
>
> > I am wondering whether or not we want the MS CLDAP stuff in a separate
> > dissector file, as it seems to contain minimal LDAP stuff (from looking
> > at the code)
>
> It's using standard connectionless LDAP (RFC 1798) with some sneaky
> piggybacking of stuff on top of it, so it uses the standard LDAP
> dissector with some special code to detect the special stuff they added.
>
> > So, does anyone have a link to a concise description of the MS CLDAP
> stuff?
>
> Well, there's the paper cited in the comments at the beginning of the
> LDAP dissector:
>
> ftp://www6.software.ibm.com/software/developer/library/os-ltc-filesystems/Liguorifinal.pdf
>
> (found by Googling for
>
> "Anthony Liguori" "Active Directory Domain Controller Location Service"
>
> ).
>
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>