• 欢迎订阅我的Youtube频道
  • 欢迎加入我的电报群

Use Wireshark to diagnose LDAP through Kerberos

Uncategorized fennng 2年前 (2018-01-31) 2262次浏览 0个评论

Here is a successful one.

[image: Inline image 1]
For a better understanding of each request, here is kerberos works.
diagram from: http://www.ibm.com/developerworks/ibmi/library/i-sso/index.html
[image: Inline image 2]
Here is how you verified if a TGT is returned.
[image: Inline image 3]
A Ticket is returned for LDAP for that user
[image: Inline image 4]
Main user bound.
[image: Inline image 5]

Infomation about delegated user back
[image: Inline image 6]
Got TGT for delegated User
[image: Inline image 7]
Get Ticket for delegated User
[image: Inline image 8]
Bind delegated user within SASL.
[image: Inline image 9]

Some code to read info of delegated user:
lkarolak.wordpress.com/2010/11/17/finding-active-directory-users-group-membership-in-c/










峰享技术 , 版权所有丨如未注明 , 均为原创丨本网站采用BY-NC-SA协议进行授权
转载请注明原文链接:Use Wireshark to diagnose LDAP through Kerberos
喜欢 (0)
发表我的评论
取消评论

表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址