This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Determine LDAP Server Vendor
Determine LDAP Server Vendor

Version management

Difference between version and

At line 1 added 120 lines
!!! Overview
Although [RCF 3045|http://www.ietf.org/rfc/rfc3045.txt] provides a methodology to determine the [vendorName] and [vendorVersion] of the LDAP server from the [RootDSE Example], many [LDAP Server Implementations] do not provide this information.
%%information
Do realize the information was taken from various different [LDAP Server Implementations] at various times and you results may vary.
%%
There are also the [supportedLDAPVersion] attributes which will show you which protocol version of LDAP the [LDAP Server Implementation] supports. Generally, if the server ONLY shows supportedLDAPVersion=2, do not even try to use modern LDAP tools as most will have issues, in other words, upgrade to a [LDAP Server Implementation] that supports supportedLDAPVersion=3.
{{{
supportedLDAPVersion: 2
supportedLDAPVersion: 3
}}}
Each [LDAP Server Implementation], unfortunately, has its own characteristics that clearly separate it from others. To find out its type, use any available LDAP search tool and START with the following parameters:
{{{
ldapsearch -LLL -h ipaddress -b "" -s base -D cn=admin,....,dc=com -W "(objectclass=*)" vendorname vendorversion isGlobalCatalogReady
}}}
This will at least show you if the [LDAP Server Implementation] supports [vendorName] and [vendorVersion] and if the isGlobalCatalogReady returns true you know this is [Microsoft Active Directory].
Now you can use the following information to search for the and hopefully determine the specifics.
! [UnboundID]
{{{
vendorName: UnboundID Corp.
vendorVersion: UnboundID Directory Server 4.1.0.6
}}}
! Active Directory
Microsoft Active Directory does not provide the [vendorVersion] or [VendorName] in the rootDSE.
We typically check the [RootDSE]to determine if there is a value for "forestFunctionality" and if there is we assume it is [Microsoft Active Directory].
For the version, you then need to determine which version of which object you are trying to determine.
* [operatingSystem|Operating System] - Each [Domain Controller] entry will have a operatingSystem attribute which shows the OS [Version] on that DC
* forestFunctionality - The [RootDSE] will have the forestFunctionality attribute as an integer which related the [Active Directory Functional Levels]
* domainFunctionality - The [RootDSE] will have the domainFunctionality attribute as an integer which related the [Active Directory Functional Levels]
To find all [Domain Controllers] and their [versions], use this [SearchRequest]:
{{{
(&(&(&(&(samAccountType=805306369)(primaryGroupId=516))(objectCategory=computer)(operatingSystem=*))))
}}}
For more information on versions of [Active Directory Functional Levels]
! [EDirectory]
[EDirectory] provides a couple of more detailed results beyond [vendorName] and [VendorVersion] in the [dsRevision] and [Version] [AttributeTypes] located on the [NcpServer] [LDAP Entry]
{{{
vendorName: Novell, Inc.
vendorVersion: LDAP Agent for Novell eDirectory 8.8 SP7 (20705.00)
}}}
You can obtain more specific information using a query similar to:
{{{
ldapsearch -H ldap://serverip:389 -ZZ -x -D "cn=admin,...,dc=com" -W -b "dc=com" -s sub "(objectClass=ncpServer)" "dsRevision" "Version" "objectClass"
Will return results similar to:
{{{
dsRevision: 2070500
Version: eDirectory for Linux x86_64 v8.8 SP7 [DS]
}}}
! NetScape
{{{
vendorname=Netscape Communications Corp.
vendorversion=Netscape-Directory/6.11 B2002.281.0853
}}}
! Sun One Directory: Attribute [vendorVersion] will contain the term "Sun Directory".
{{{
vendorName=Sun Microsystems\, Inc.
vendorVersion=Sun Java(TM) System Directory Server/5.2_Patch_6
}}}
! [Oracle Internet Directory]
An older version shows:
{{{
orcldirectoryversion: OID 10.1.4.3.0
}}}
! [Oracle Unified Directory]
{{{
majorVersion: 11
maintenanceVersion: 1
platformVersion: 0
releaseVersion: 2
vendorName: Oracle Corporation
vendorVersion: Oracle Unified Directory 11.1.2.1.0
}}}
! Oracle Virtual Directory
{{{
orcldirectoryversion: OVD 11.1.1.6.0
}}}
! IBM - Found this one:
{{{
vendorName: [International Business Machines (IBM)]
vendorVersion: [6.0]
}}}
!OpenLDAP
{{{
dn:
objectClass: top
objectClass: OpenLDAProotDSE
}}}
!Siemens AG
{{{
Siemens AG
DirX Directory V8.0 B 8.1.218 2008:06:14 01:10 32-Bit
}}}
! Anyone know of any others or can add information?
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop