LDAPS tls/ssl version

a1 26 Reputation points
2024-03-03T16:07:01.0766667+00:00

Hey,

I am using the ADSI COM interface (CPP) to connect over LDAPS and retrieve objects from Active Directory.

How do I know which TLS version it is using? How is it distinguished? I didn't find this configuration in the ADSI COM documentation. I was told to specify only the ldaps:// prefix and then it is using LDAPS.

Thank you.

Windows for business Windows Client for IT Pros Directory services Active Directory

2 answers

  1. VasimTamboli 5,215 Reputation points
    2024-03-03T19:45:58.8+00:00

    Hi,

    You can use the Wireshark tool.

    https://www.wireshark.org/ download and install it.

    Open Wireshark.

    Capture LDAPS Traffic: Choose your network interface and start capturing LDAPS traffic.

    Filter LDAPS Traffic: Apply a filter to focus only on LDAPS traffic (use "ldap.port == 636").

    Trigger Connections: Perform actions in your application that result in LDAPS connections to Active Directory.

    Check Handshake: Wireshark captures the traffic, including SSL/TLS handshakes.

    Analyze TLS Version: Look at the SSL handshake packets to determine the TLS version being used.

    Optional Server Logs: Check logs on the LDAP server to see if TLS versions negotiated during LDAPS connections are logged.

    Please accept as answer if it helps.

    1 person found this answer helpful.

  2. Yanhong Liu 14,195 Reputation points Microsoft External Staff
    2024-03-12T06:25:41.0133333+00:00

    Hello a1,

    Thank you for posting in Q&A forum.

    Based on your description, you can use the Wireshark tool to analyze the TLS version used. First of all, you need to download and install Wireshark on the official website. Open Wireshark and select the network port to start capturing LDAPS traffic. Then enter 'ldap.port==636' in the filter in Wireshark. When Wireshark captures all traffic including the SSL/TLS handshake, you can view the SSL handshake packets to determine which TLS version is being used.

    Best Regards,

    Yanhong Liu

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
