LDAP Server Test Suite Data Sheet
Test Suite:
LDAP Server Test Suite
Direction:
Server

The Lightweight Directory Access Protocol (LDAP) is an Internet protocol for accessing distributed directory services that act in accordance with X.500 data and service models [RFC4511]. LDAP utilizes TCP for message transport. This test suite can be used to test LDAP server implementations for security flaws and robustness problems.

Used specifications

Specification
Title
RFC4511

Lightweight Directory Access Protocol (LDAP): The Protocol

RFC4512

Lightweight Directory Access Protocol (LDAP): Directory Information Models

RFC4514

Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names

RFC2696

LDAP Control Extension for Simple Paged Results Manipulation

RFC2891

LDAP Control Extension for Server Side Sorting of Search Results

RFC3296

Named Subordinate References in Lightweight Directory Access Protocol (LDAP) Directories

RFC3672

Subentries in the Lightweight Directory Access Protocol (LDAP)

RFC4370

Proxied Authorization Control (LDAP)

RFC4528

Assertion Control (LDAP)

RFC4616

The PLAIN Simple Authentication and Security Layer (SASL) Mechanism

MS-LNMP

NT LAN Manager (NTLM) Authentication Protocol

MS-ADTS

Active Directory Technical Specification

Tool-specific information

Tested messages
Notes
Specifications
BindRequest
RFC4511
UnbindRequest
RFC4511
Abandon
RFC4511
SearchRequest
RFC4511
ModifyRequest
RFC4511
AddRequest
RFC4511
DelRequest
RFC4511
CompareRequest
RFC4511
ExtendedRequest
RFC4511

Supported protocol features
Specifications
Notes
PagedResultsControl
RFC2696
Anomalies only
SortRequestControl
RFC2891
Anomalies only
ManageDsaITControl
RFC3296
Anomalies only
SubentriesControl
RFC3672
Anomalies only
ProxyAuthControl
RFC4370
Anomalies only
AssertionControl
RFC4528
Anomalies only
Kerberos version 5 GSS-API Mechanism
RFC1964
The PLAIN Simple Authentication and Security Layer (SASL) Mechanism
RFC4616
NTLMv1 Authentication
MS-LNMP
LDAP Search over UDP (CLDAP)
MS-ADTS
Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis