The following screenshot shows a snippet of network communication as sniffed by Wireshark. It is a part of the login process, where a domain-joined client tries to login to a Windows Server 2008 R2 (which is the domain controller). The protocol used is Connectionless LDAP (CLDAP), also known as LDAP Ping.
Sample response:
It seems that the query is trying to get some "filtered" information regarding the "Netlogon" attribute.
This attribute is documented here:
http://msdn.microsoft.com/en-us/library/cc223260.aspx
Moreover, as described in http://msdn.microsoft.com/en-us/library/cc223254.aspx, this attribute is operational, meaning that:
... the server returns the attribute only when it is explicitly requested.
I tried to write a simple ADSI script to get more info about this attribute, but I got an error. Here's the script:
Set obj = GetObject("LDAP://rootDSE")
attArray = Array("netlogon")
obj.GetInfoEx attArray, 0
WScript.Echo obj.netlogon
- Error message: Object doesn't support this property or method: 'obj.netlogon'.
- Error code: 800A01B6
Could you please help me with the script?