6.3.3 LDAP Ping

  • Article

This topic describes the usage of LDAP to verify the aliveness of the domain controller and also check whether the domain controller matches a specific set of requirements. This operation is commonly referred to as LDAP ping.

An LDAP rootDSE search (section 3.1.1.3.2) that retrieves the rootDSE attribute netlogon (section 3.1.1.3.2.14) triggers the following processing on the server: Syntactic validation of the filter as specified in section 6.3.3.1 and construction of a DC response to the search request as specified in sections 6.3.3.2 and 6.3.3.3.

The LDAP search filter included in the SearchRequest is a one-level AND of equalityMatch tests of the following elements:

DnsDomain: The DNS name of an NC (default NC or application NC).

Host: The NetBIOS name of the client.

DnsHostName: The fully qualified domain name (FQDN) (1) of the client.

Note The DnsHostName element is not sent by Windows clients from Windows 2000 operating system through Windows 7 operating system and Windows Server 2008 R2 operating system.

User: The sAMAccountName of an account in the domain specified by DnsDomain, DomainSid, or DomainGuid.

AAC: Represents the userAccountControl attribute of an account.

DomainSid: The SID of a domain.

DomainGuid: The GUID of a domain.

NtVer: NETLOGON_NT_VERSION Options (see section 6.3.1.1).

Example:

(&(DnsDomain=abcde.corp.microsoft.com)(Host=abcdefgh-dev)(User=abcdefgh-dev$)(AAC=\80\00\00\00)(DomainGuid=\3b\b0\21\ca\d3\6d\d1\11\8a\7d\b8\df\b1\56\87\1f)(NtVer=\06\00\00\00))

Network payload:

 A0 84 00 00 00 A8 A3 84 00 00 00 25 04 09 44    ?...¨£?...%..D
 6E 73 44 6F 6D 61 69 66 04 18 61 62 63 64 65    nsDomain..abcde
 2E 63 6F 72 70 2E 6D 69 63 72 6F 73 6F 66 74    .corp.microsoft
 2E 63 6F 6D A3 84 00 00 00 14 04 04 48 6F 73    .com£?......Hos
 74 04 0C 61 62 63 64 65 66 67 68 2D 64 65 76    t..abcdefgh-dev
 A3 84 00 00 00 15 04 04 55 73 65 72 04 0D 61    £?......User..a
 62 63 64 65 66 67 68 2D 64 65 76 24 A3 84 00    bcdefgh-dev$£?.
 00 00 0B 04 03 41 41 43 04 04 80 00 00 00 A3    .....AAC..?...£?
 84 00 00 00 1E 04 0A 44 6F 6D 61 69 6E 47 75    ......DomainGu
 69 64 04 10 3B B0 21 CA D3 6D D1 11 8A 7D B8    id..;°!ÊÓmÑ.?}¸
 DF B1 56 87 1F A3 84 00 00 00 0D 04 05 4E 74    ß±V?.£?......Nt
 56 65 72 04 04 06 00 00 00 30 84 00 00 00 0A    Ver......0?....
 04 08 6E 65 74 6C 6F 67 6F 6E                   ..netlogon