Wireshark · Ethereal-users: Re: [Ethereal-users] Invalid LDAP message (can't parse sequence header: Wrong type for that item)

Ethereal-users: Re: [Ethereal-users] Invalid LDAP message (can't parse sequence header: Wrong ty

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <gharris@xxxxxxxxx>

Date: Thu, 18 Mar 2004 21:55:10 -0800

On Thu, Mar 18, 2004 at 09:52:50AM -0600, Brown, Garion wrote:
> I am seeing this message over and over again in my captures from my
> Windows XP workstation to my WIndows 2000 Domain Controller:
>  
> "Invalid LDAP message (can't parse sequence header: Wrong type for that
> item)"

Is the LDAP traffic between your workstation and the domain controller
encrypted?  (I suspect it is, given that there's a krb5_seal_alg value of
RC4 in the Kerberos 5 blob for the GSS-API token in packet 8.)

If so, that's the problem - Ethereal can't decrypt that traffic.

We probably need to have some way by which the GSS-API token dissector
can return an indication of whether the packet is signed or sealed, and
not bother trying to dissect it if it's sealed, just show it as
encrypted data, or find some other way of figuring out whether the
traffic is encrypted.

References:
- [Ethereal-users] Invalid LDAP message (can't parse sequence header: Wrong type for that item)
  - From: Brown, Garion

Prev by Date: Re: [Ethereal-users] Ethereal crashes after capture
Next by Date: Re: [Ethereal-users] Why can't Ethereal import Visual Networks ATM file format
Previous by thread: [Ethereal-users] Invalid LDAP message (can't parse sequence header: Wrong type for that item)
Next by thread: [Ethereal-users] Re: Ethereal-users Digest, Vol 11, Issue 19 (Out of Office)
Index(es):
- Date
- Thread