Core Infrastructure and Security Blog
Copied!
Home
Options
1,301
Stanislav Belov on 01-16-2020 11:59 PM
709
wallenc on 01-13-2020 12:01 AM
2,240
Bruno Gabrielli on 01-05-2020 03:01 PM
2,610
John_Clyburn on 12-30-2019 12:00 AM
7,324
LijuV on 12-22-2019 09:00 PM
3,028
Stanislav Belov on 12-17-2019 11:55 PM
3,425
John_Clyburn on 12-16-2019 12:00 AM
19.8K
Mike Kammer on 12-10-2019 06:21 AM
4,035
Paul Bergson on 12-04-2019 02:12 PM
5,986
wallenc on 11-26-2019 01:08 PM
2,648
Zoheb Shaikh on 11-19-2019 06:22 AM
1,881
Stanislav Belov on 11-12-2019 11:00 PM
3,283
SteveMat on 11-11-2019 02:27 PM
58.7K
Alan La Pietra on 11-04-2019 06:26 AM
866
Sean Leonard on 11-01-2019 03:23 PM
876
Joe_Zinn on 11-01-2019 03:22 PM
975
Joe_Zinn on 11-01-2019 03:22 PM
943
Joe_Zinn on 11-01-2019 03:22 PM
780
Sean Leonard on 11-01-2019 03:21 PM
768
Joe_Zinn on 11-01-2019 03:21 PM
741
Joe_Zinn on 11-01-2019 03:21 PM
1,977
Joe_Zinn on 11-01-2019 03:20 PM
784
Joe_Zinn on 11-01-2019 03:20 PM
1,078
Joe_Zinn on 11-01-2019 03:20 PM
1,170
Joe_Zinn on 11-01-2019 03:20 PM
1,868
Joe_Zinn on 11-01-2019 03:20 PM
2,299
Joe_Zinn on 11-01-2019 03:20 PM
787
AMARSIGLIA on 11-01-2019 03:20 PM
805
Joe_Zinn on 11-01-2019 03:20 PM
758
ktackett on 11-01-2019 03:17 PM
Latest Comments
@jpenning It looks like ldp.exe doesn't have a setting that controls negotiate for LDAP Signing and Channel Token binding. Therefore, you have to use registry to enable or disable Signing and Integrity. To disable LDAP Signing negotiation for the client, configure key ldapclientintegrity=0 under HKL...
0 Likes
@RossUA Got it - thanks! In this test scenario, what exactly made it a 'signed' NTLM request? Is it possible to use LDP to test an NTLM attempt that is not requesting signing?
0 Likes
@jpenning On the Bind dialogue, you choose Advanced, press Advanced button and choose the authentication protocol you want to use:
1 Likes
@RossUA Thanks for that. Forgive my ignorance, I figured out how to test the simple bind with the LDP tool - but can't figure out how to test with NTLM?
0 Likes
@jpenning Yes, it is possible to use NTLM while authenticating the LDAP Bind and have signing afterwards. You can try it with ldp.exe tool:At the same time, simple ldap bind doesn't work, which proves that server is requiring signing:Both tests done with connection to port 389.
0 Likes