Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
657
Views
0
Helpful
3
Replies

keepalive script ap-kal-ldap for secure LDAP

aajvandewiel
Level 1
Level 1

‎06-06-2008 01:41 AM

I tested the default ap-kal-ldap script with success towards our LDAP 3 servers on port 389. But I need another script for port 636 secure LDAP. Just changing the script to use port 636 doesn't seem to be the trick... I suppose the hex data needs to be altered, or do I need to install a client certificate on the CSS?

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎06-06-2008 06:44 AM

unfortunately you will not find any script to do this. The CSS script language does not have the option to encrypt/decrypt data which is required for secure LDAP.

Gilles

0 Helpful

aajvandewiel
Level 1
Level 1
In response to Gilles Dufour

‎06-09-2008 05:43 AM

Gilles, thanks for your answer. So no support for encrypt/decrypt on the CSS. What about changing the raw string to match the socket requests etc?

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to aajvandewiel

‎06-09-2008 02:31 PM

nope, because encryption/decryption mechanism are exactly there to prevent resending some raw data :-)

All you can do is check if the tcp port is responding to SYN.

Gilles.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents