Does the LDAP decode work for Active Directory?
Meaning, are the operational details you would expect (Search, Add, Del, and the Errors) also available if configured in an Active Directory environment?
Here is an answer I got recently from Kris Ziemianowicz to the same question :
do decode LDAP. But AD does not equal LDAP 1-to-1. AD also uses RPC and SMB to
communicate within the domain and here our support varies. For example, in 12.4
we will recognize LSARPC commands over RPC. That is, command names, but not the
command parameters which are encrypted.
the LDAP itself - it may be configured to use SSL and switching to SSL may
occur at any moment during the session. We decrypt SSL, but need the keys on