[Ethereal-users] mscldap.netlogon.type no longer avaible?

["Xiaoguang Liu" <syslxg@xxxxxxxxx>]

hi,

 

I just download 1.1-svn 18079 for fc4 and windows. I found one of my color filter is no longer valid. it is "mscldap.netlogon.type".

And I also found the CLDAP packets between windows client and DC are not pasered as before. Here I attacded a sample trace the display result.

 

No.     Time            Source                Destination           Protocol Info
      2 15:27:00.527361 157.60.73.105         157.60.72.125         CLDAP    searchResEntry(1) searchResDone(1)  [1 result]

Frame 2 (218 bytes on wire, 218 bytes captured)
Ethernet II, Src: Microsof_e0:af:8c (00:03:ff:e0:af:8c), Dst: Microsof_d9:af:8c (00:03:ff:d9:af:8c)
Internet Protocol, Src: 157.60.73.105 (157.60.73.105), Dst: 157.60.72.125 (157.60.72.125)
User Datagram Protocol, Src Port: 389 (389), Dst Port: 1029 (1029)
Lightweight-Directory-Access-Protocol
    LDAPMessage searchResEntry(1) [1 result]
        messageID: 1
        protocolOp: searchResEntry (4)
            searchResEntry
                attributes: 1 item
                    Item
                        type: netlogon
                        vals: 1 item
                            Item: 18000000FC01000002A0BED71554BC4487E47F1B9E6E17DC...
        Response To: 1
        Time: 0.005610000 seconds
    LDAPMessage searchResDone(1) [1 result]
        messageID: 1
        protocolOp: searchResDone (5)
            searchResDone
        Response To: 1        Time: 0.005610000 seconds

 

---

 

the netlogon atribute is parsered very well before. now ethereal only display a long binary string. is it a design change or a bug? If it is intended to be so, can I know why? I really need this work to help my trouble shoot dc locating issue in windows domain.

Attachment: udp ping2.cap
Description: Binary data