On Tue, Nov 18, 2014 at 06:59:12PM +0200, Igor Shmukler wrote:
Well, I raised this subject stating that -1 does not do what I need.
-1 prints everything that OpenLDAP has got, so you need to look elsewhere if that is not enough..
I suggest Wireshark: either use it directly to capture network traffic or run tcpdump on the LDAP server or client machine and transfer the dump file to your desktop machine for analysis. If the server or client machine has a graphical display then you can do the whole job directly with Wireshark.
Here is an invocation of tcpdump to do the capture:
tcpdump -i eno1 -w /tmp/traffic host myclient.example.com and port 389
eno1 is the name of the network interface /tmp/traffic is the dump file myclient.example.com is the name of the server if this is run on the client host or the name of the client if run on the server
Set that running and have your client code do its stuff. Break into tcpdump with control-C Copy /tmp/traffic to your desktop if necessary Open /tmp/traffic in Wireshark.
You can expand the various protocol levels to get nore detail. If you drill down into the LDAP layer you will see the search request and if you drill further you will see the paged results control, cookies etc.
Note that you will have to turn off encryption (SSL/TLS) on the LDAP session if you are using it (which you should be when you go into production).
Andrew