go to  ForumEasy.com   
LdapPro  
 
 
   Home  |  MyForum  |  FAQ  |  Archive    You are not logged in. [Login] or [Register]  
Forum Home » SIMPLE & SASL Binding » SASL NTLM LDAP Authentication Traffic
Email To Friend  |   Set Alert To This Topic Rewarding Points Availabe: 0 (What's this) New Topic  |   Post Reply
Author Topic: SASL NTLM LDAP Authentication Traffic
authen
member
offline   
 
posts: 36
joined: 08/07/2006
from: San Diego, CA
  posted on: 08/12/2006 06:13:03 PM    Edit  |   Quote  |   Report 
SASL NTLM LDAP Authentication Traffic
Here is a practical NTLM authentication example via LDAP

Server: AD on Windows Server 2003
Client: JNDI client


1. Client --> Server
 Bind Request {
        Message Id: 98
        Message Type: Bind Request (0x60)
        Message Length: 57 (0x84 00 00 00 39)
        Version: 3 (0x02 01 03)
        DN: (null) (0x04 00)
        Auth Type: SASL (0xa3 84 00 00 00 2e) 
        Mechanism: GSS-SPNEGO (0x04 0a 47 53 53 2d 53 50 4e 45 47 4f)
	Creds: (0x04 20) {
		NTLMSSP: 0x4e 54 4c 4d 53 53 50 00
		Type 1 Msg: 0x01 00 00 00
		Flags: 0x07 82 00 a0
		Host: 0x00 00 00 00 00 00 00 00
		Domain: 0x00 00 00 00 00 00 00 00
	}
 }



2. Client <-- Server
 Bind Response {
        Message Id: 98
        Message Type: Bind Result (0x01)
        Message Length: 249
        Result Code: saslBindInProgress (0x0e)
        Matched DN: (null)
        Error Message: (null)
        GSS-API Generic Security Service Application Program Interface
            NTLMSSP
                NTLMSSP identifier: NTLMSSP
                NTLM Message Type: NTLMSSP_CHALLENGE (0x00000002)
                Domain: MYDOMAIN
                Flags: 0x80818205
                NTLM Challenge: 7B522978AA396392
                Reserved: 0000000000000000
                Address List
                    Length: 162
                    Maxlen: 162
                    Offset: 76
                    Domain NetBIOS Name: MYDOMAIN
                    Server NetBIOS Name: mydomiancontroller
                    Domain DNS Name: mydomain.com
                    Server DNS Name: mydomiancontroller.mydomain.com
                    List Terminator



3. Client --> Server
    LDAP Message, Bind Request
        Message Id: 99
        Message Type: Bind Request (0x00)
        Message Length: 203
        Response In: 99
        Version: 3
        DN: (null)
        Auth Type: SASL (0x03)
        Mechanism: GSS-SPNEGO
        GSS-API Generic Security Service Application Program Interface
            NTLMSSP
                NTLMSSP identifier: NTLMSSP
                NTLM Message Type: NTLMSSP_AUTH (0x00000003)
                Lan Manager Response: FC05E52BADD77A678ACDC719287160E5DBD7D6D6B5E5A12C
                NTLM Response: 927D62DC561C63158B0A2AB728B2A4EADE816AD2432C66DA
                Domain name: USERDOMAIN.COM
                User name: myname
                Host name: myhost
                Session Key: Empty
                Flags: 0x80808205



4. Client <-- Server
 Bind Result{
        Message Id: 99
        Message Type: Bind Result (0x01)
        Message Length: 27
        Result Code: success (0x00)
        Matched DN: (null)
        Error Message: (null)



 Profile | Reply Points Earned: 0

 
Powered by ForumEasy © 2003-2005, All Rights Reserved. | Privacy Policy | Terms of Use
 
Get your own forum today. It's easy and free.