Closed secziko closed 1 year ago
Hello,
I don't know why, but SChannel authentication seems to randomly throw this error. As you can see in the following example, I managed to reproduce the error once and after that, it worked :shrug:
PS C:\Users\x\Downloads> .\PassTheCert.exe --server dc02.domain.org --cert-path .\user.pfx --whoami
Unhandled Exception: System.DirectoryServices.Protocols.LdapException: The LDAP server is unavailable.
at System.DirectoryServices.Protocols.LdapConnection.Connect()
at System.DirectoryServices.Protocols.LdapConnection.SendRequestHelper(DirectoryRequest request, Int32& messageID)
at System.DirectoryServices.Protocols.LdapConnection.SendRequest(DirectoryRequest request, TimeSpan requestTimeout)
at PassTheCert.Program.Whoami(LdapConnection connection)
at PassTheCert.Program.Main(String[] args)
PS C:\Users\x\Downloads>
PS C:\Users\x\Downloads> # wait like 10 sec
PS C:\Users\x\Downloads>
PS C:\Users\x\Downloads> .\PassTheCert.exe --server dc02.domain.org --cert-path .\user.pfx --whoami --start-tls
Querying LDAP As : u:DOMAIN\user
PS C:\Users\x\Downloads> .\PassTheCert.exe --server dc02.domain.org --cert-path .\user.pfx --whoami
Querying LDAP As : u:DOMAIN\user
PS C:\Users\x\Downloads> # after that it always worked...
I suspect that the first time, the TCP connection times out because server-side API calls take too much time to authenticate the user, but the second time the user's authentication is "cached" somewhere. I also observed this behavior with passthecert.py and another project that uses SChannel.
So I suggest you try again, or try the Python version. I hope I helped you.
:sunflower:
No activity, closing now. Please re-open if needed.
:sunflower:
I found that most of the old reported issues have the same title! I'm wondering why this happened.
I scanned all domain controllers and found that they all have ports 389 and 636 open.
I started the command using the following:
passthecert.exe --server dc.contoso.local --cert-path file.pfx --whoami --start-tls
Then the usual error appears! I wrote a simple app to test the LDAP connection on port 389 and it was working. When I tried to debug the passthecert application, I found that the error happened when the whoami command is sent in line 242.
Any suggestions on this ?