Penetration Testing mailing list archives

LDAP + Active Directory

From: "Tim Russo" <trusso () wireguided com>
Date: Sat, 13 Oct 2001 00:13:51 -0400

I have discovered that I am able to connect anonymously to my clients active
directory/LDAP port (389). Using an LDAP client I can connect, but I do not
see any information. Is this because the directory is empty or that I am not
using the correct protocol version (3?) and/or BaseDN? Is their a way to get
a listing not knowing the correct DC?

Thanks.

-Tim

__________________________________
Tim Russo
Email:  trusso () wireguided com
Tel:            781.849.9323
Fax:            781.849.0127




----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

LDAP + Active Directory Tim Russo (Oct 13)
- Re: LDAP + Active Directory Patrick Patterson (Oct 13)
  - RE: LDAP + Active Directory Sacha Faust (Oct 14)
- <Possible follow-ups>
- RE: LDAP + Active Directory juan.francisco.falcon (Oct 15)
  - Re: LDAP + Active Directory Adrien de Beaupre (Oct 15)