Tag Archives: active-directory

Older posts
28
11
25
 Leave a comment

Experimentations with LDAP/SASL on Ubuntu

Posted by | Ubuntu, Windows | Tagged , , |

SASL

I configured Kerberos on Ubuntu 24.04 WSL and was able to run the following command:

export KRB5_TRACE=/dev/stderr
ldapsearch -H ldap://myserver.my.local -Y GSSAPI

that produced the following output:

(more…)
26
11
25
 Leave a comment

Investigating how LDAP works with Seal and Sign flags

Posted by | C# | Tagged , , |

C# code:

public void bindWithMs(string ldapServer, int ldapPort, string ldapUser, string ldapPassword)
{
    var ldap = new System.DirectoryServices.Protocols.LdapDirectoryIdentifier(ldapServer, ldapPort);

    using (var connection = new System.DirectoryServices.Protocols.LdapConnection(ldap))
    {
        connection.AuthType = System.DirectoryServices.Protocols.AuthType.Negotiate;
        connection.Timeout = TimeSpan.FromSeconds(120);

        connection.SessionOptions.ProtocolVersion = 3;
        connection.SessionOptions.Signing = true;
        connection.SessionOptions.Sealing = true;

        connection.Credential = new System.Net.NetworkCredential(ldapUser, ldapPassword);
        connection.Bind();
    }
}
(more…)
30
09
25
 2 Comments

Enabling LDAP over SSL

Posted by | Windows | Tagged |

Add Certificate Manager role

Enable probably something like Certificate Manager role on DC:

(more…)
17
09
25
 Leave a comment

Disabling password complexity in Active Directory

Posted by | Windows | Tagged |

Open gpmc.msc and update the settings below:

(more…)
03
09
25
 6 Comments

Using Apache JMeter to measure LDAP performance

Posted by | Ubuntu, Windows | Tagged , |

Extract the archive:

tar xf /mnt/c/Users/dmitriano/Downloads/apache-jmeter-5.6.3.tgz

Install Java runtime:

sudo apt install default-jre
java --version

openjdk 21.0.8 2025-07-15
OpenJDK Runtime Environment (build 21.0.8+9-Ubuntu-0ubuntu124.04.1)
OpenJDK 64-Bit Server VM (build 21.0.8+9-Ubuntu-0ubuntu124.04.1, mixed mode, sharing)
(more…)
22
08
25
 Leave a comment

Investigating Kerboros with kinit and Wireshark

Posted by | Ubuntu, Windows | Tagged , , |

On the domain controller:

nslookup -q=SRV _kerberos._tcp.other.local

Server:  localhost
Address:  127.0.0.1

_kerberos._tcp.other.local      SRV service location:
          priority       = 0
          weight         = 100
          port           = 88
          svr hostname   = 7-dev-de-dc16.other.local
7-dev-de-dc16.other.local       internet address = 10.15.7.16
(more…)
18
08
25
 1 Comment

Capturing LDAP traffic with WireShark

Posted by | Windows | Tagged , , |

Select network interface:

(more…)
14
08
25
 3 Comments

Active Directory Tombstones

Posted by | Windows | Tagged |

A tombstone is a container object consisting of the deleted objects from AD. These objects have not been physically removed from the database. When an AD object, such as a user is deleted, the object technically remains in the directory for a given period of time; known as the Tombstone Lifetime.

Seeing with ldp.exe

Go to Options -> Controls

(more…)
12
08
25
 1 Comment

How does replication work in Active Directory

Posted by | Windows | Tagged |

There is a counter in RootDSE:

(more…)
12
08
25
 2 Comments

Active Directory Global Catalog

Posted by | Windows | Tagged |
(more…)
Older posts