LDAP
What is LDAP?
LDAP is the abbreviation for Lightweight Directory Access Protocol, which is used for accessing and maintaining distributed directory information services over an Internet Protocol network.
Description
The LDAP service will simulate a directory server accessible via LDAP.
Syntax
[service.<nickname_of_ldap>]
type="ldap"
Arguments in config file
There are 8 arguments in ldap service:
argument | default setting | explanation |
---|---|---|
credentials | ["root:root"] | Set the credentials for the service. |
naming-contexts | no | RootDSE attribute for DSA masters or shadows. |
supported-ldap-version | ["2","3"] | LDAP protocol version. |
supported-extension | ["1.3.6.1.4.1.1466.20037"] | Extended operations list. |
vendor-name | no | Name for LDAP Server. |
vendor-version | no | Release version for LDAP Server. |
description | no | Description of the LDAP Server. |
objectclass | no | LDAP Schema element. |
Example
[service.ldap]
type="ldap"
credentials=["admin:admin", "root:root"]
naming-contexts=[ "dc=example,dc=com", "dc=ad,dc=myserver,dc=com" ]
vendor-name=[ "HT Directory Server" ]
vendor-version=[ "0.1.0.0" ]
description=[ "Directory Server" ]
objectclass=[ "dcObject", "organization" ]
[[port]]
port="tcp/389" #or udp
services=["ldap"]
How to test
nmap -Pn [IP_ADDRESS] -p 389 -sV
The test explained
With nmap we perform a scan with -Pn, which skips the ping test and simply scans, on [IP_ADDRESS], for a specific port (-p) 389. The -sV option additionally enables service and version detection.
The result
The result should contain this:
PORT STATE SERVICE
389/tcp open ldap
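The port scan only shows that something answers on 389. As an added example (not code from the project), the Python below builds the LDAP RootDSE search a client would send, decodes a SearchResultEntry reply, and reports which configured values are not advertised as expected. The function names, the mapping from config keys to RootDSE attribute names, and the test reply produced by build_entry are assumptions made for this example.

```python
# Added example, not the project's code; the key-to-attribute mapping is assumed.
KEY_TO_ATTR = {"naming-contexts": "namingContexts", "vendor-name": "vendorName",
               "vendor-version": "vendorVersion", "supported-extension": "supportedExtension",
               "supported-ldap-version": "supportedLDAPVersion"}

def tlv(tag, body=b""):
    """Encode one BER element with a definite length."""
    n = len(body)
    raw = n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")
    return bytes([tag]) + (raw if n < 0x80 else bytes([0x80 | len(raw)]) + raw) + body

def items(buf):
    """Split a buffer into its top-level (tag, value) BER elements."""
    out, pos = [], 0
    while pos < len(buf):
        tag, n, pos = buf[pos], buf[pos + 1], pos + 2
        if n & 0x80:  # long form: low 7 bits count the length bytes that follow
            n, pos = int.from_bytes(buf[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
        out.append((tag, buf[pos:pos + n]))
        pos += n
    return out

def rootdse_request(msg_id=1):
    """LDAPMessage: base-scope SearchRequest on the empty DN, filter (objectClass=*)."""
    want = b"".join(tlv(0x04, a.encode()) for a in KEY_TO_ATTR.values())
    search = (tlv(0x04) + tlv(0x0A, b"\x00") + tlv(0x0A, b"\x00")  # base "", scope, deref
              + tlv(0x02, b"\x00") + tlv(0x02, b"\x00") + tlv(0x01, b"\x00")  # limits, typesOnly
              + tlv(0x87, b"objectClass") + tlv(0x30, want))  # filter, attributes
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x63, search))

def parse_entry(msg):
    """Decode one SearchResultEntry message into {attribute: [values]}."""
    (_, _), (op, entry) = items(items(msg)[0][1])
    if op != 0x64:
        raise ValueError("not a SearchResultEntry")
    (_, _dn), (_, attr_list) = items(entry)
    return {items(a)[0][1].decode(): [v.decode() for _, v in items(items(a)[1][1])]
            for _, a in items(attr_list)}

def drift(config, entry):
    """Config keys whose values differ from what the RootDSE entry advertises."""
    return sorted(k for k, a in KEY_TO_ATTR.items()
                  if k in config and sorted(config[k]) != sorted(entry.get(a, [])))

def build_entry(attrs, msg_id=1):
    """Constructed test input: encode {attribute: [values]} as a SearchResultEntry."""
    enc = b"".join(tlv(0x30, tlv(0x04, n.encode()) + tlv(0x31, b"".join(
        tlv(0x04, v.encode()) for v in vs))) for n, vs in attrs.items())
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x64, tlv(0x04) + tlv(0x30, enc)))
```

To check a running instance, send rootdse_request() over TCP to port 389 and pass the first reply message to parse_entry; whether the service answers this search without a prior bind is not stated on this page.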
Availability
 | Linux | MacOS |
---|---|---|
ldap | yes | yes |