lto:listsadmin@lists.
> myitforum.com] *On Behalf Of *Michael B. Smith
> *Sent:* Friday, November 04, 2016 3:40 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] LDAP Ping question
>
>
>
> To the OP: is 389 UDP open on your older DCs in the firewall?
&
> *Sent:* Friday, November 04, 2016 3:40 PM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] LDAP Ping question
>
>
>
> To the OP: is 389 UDP open on your older DCs in the firewall?
>
>
>
> (Honestly, I didn’t know 389 UDP was ever used for LDAP
...@lists.myitforum.com] On
Behalf Of Michael B. Smith
Sent: Friday, November 04, 2016 3:40 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] LDAP Ping question
To the OP: is 389 UDP open on your older DCs in the firewall?
(Honestly, I didn’t know 389 UDP was ever used for LDAP. I thought
Try with a query via ldp.exe and record the network session with Wireshark.
Then evaluate the packet capture and replay it with tcpreplay from security
onion to verify that the DC responds.
That would be a more accurate test imho.
Ez
On Nov 3, 2016 5:59 PM, "Christopher Bodnar"
PM
To: ntsysadm
Subject: Re: [NTSysADM] LDAP Ping question
Don't the answer to your question, but I suspect you'll get a much better
response on the Active Directory list at activedir.org<http://activedir.org>
Kurt
On Fri, Nov 4, 2016 at 8:57 AM, Christopher Bodnar
<christopher_bod...
shark the UDP request is received
> by the DC, but it never responds.
>
>
>
> *From:* Christopher Bodnar
> *Sent:* Friday, November 04, 2016 10:14 AM
> *To:* ntsysadm@lists.myitforum.com
> *Subject:* RE: [NTSysADM] LDAP Ping question
>
>
>
> Now I’m really confused. Af
, but not in the new domain I just
stood up. In Wireshark the UDP request is received by the DC, but it never
responds.
From: Christopher Bodnar
Sent: Friday, November 04, 2016 10:14 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] LDAP Ping question
Now I’m really confused. After doing some more
r
Sent: Thursday, November 03, 2016 9:19 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] LDAP Ping question
As I understand it, LDAP Ping is more of a handshake test - not an open port
check.
--
Espi
On Thu, Nov 3, 2016 at 2:56 PM, Christopher Bodnar
<christopher_bod...@gl
As I understand it, LDAP Ping is more of a handshake test - not an open
port check.
--
Espi
On Thu, Nov 3, 2016 at 2:56 PM, Christopher Bodnar <
christopher_bod...@glic.com> wrote:
> I understand the function of an LDAP Ping over UDP/389 in the DC Locator
> process, but shouldn’t that respond
I understand the function of an LDAP Ping over UDP/389 in the DC Locator
process, but shouldn't that respond to a Portqry? When I test this I receive
the following:
UDP port 389 (unknown service): LISTENING or FILTERED
I've tested this in 3 separate forests against multiple domain controllers
10 matches
Mail list logo