As I understand it, LDAP Ping is more of a handshake test - not an open port check.
-- Espi

On Thu, Nov 3, 2016 at 2:56 PM, Christopher Bodnar <[email protected]> wrote:

> I understand the function of an LDAP Ping over UDP/389 in the DC Locator
> process, but shouldn’t that respond to a Portqry? When I test this I
> receive the following:
>
> UDP port 389 (unknown service): LISTENING or FILTERED
>
> I’ve tested this in 3 separate forests against multiple domain controllers
> and I have gotten the same results in every case. All are 2008 R2 DFL/FFL.
> A Netstat –an does show this:
>
> UDP x.x.x.x:389 *:*
>
> Which seems to be correct for a UDP port that is also listening on TCP? I
> don’t notice anything wrong in the domains, was just going through some
> firewall port requests and tested this. Is Portqry not a real test of this
> function?
>
> My next step will be to run a WireShark trace on a DC to look for this
> traffic.
>
> Thanks
>
> Christopher Bodnar
> Enterprise Architect II, Corporate Office of Technology: Enterprise
> Architecture and Engineering Services
>
> Tel 610-807-6459
> 3900 Burgess Place, Bethlehem, PA 18017
> [email protected]
>
> The Guardian Life Insurance Company of America
> www.guardianlife.com <http://www.guardianlife.com/>
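
Added example, not part of the thread and not code from either poster: a Python sketch of the difference between a bare UDP probe and an LDAP ping, which sends a well-formed rootDSE search for the Netlogon attribute so that only an actual reply counts as proof of a listener. The function names, the `example.com` domain and the NtVer value 6 (V5 | V5EX) are assumptions chosen for illustration.

```python
import socket

def tlv(tag, body):
    """BER tag-length-value; long-form length once the body exceeds 127 bytes."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def ldap_ping_request(dns_domain, msg_id=1, nt_ver=0x06):
    """rootDSE search for the Netlogon attribute; msg_id must be 1..127 here."""
    def eq(attr, val):                      # equalityMatch filter, context tag [3]
        return tlv(0xA3, tlv(0x04, attr) + tlv(0x04, val))
    flt = tlv(0xA0, eq(b"DnsDomain", dns_domain.encode())
              + eq(b"NtVer", nt_ver.to_bytes(4, "little")))
    search = (tlv(0x04, b"")                # baseObject: rootDSE
              + tlv(0x0A, b"\x00") * 2      # scope=base, derefAliases=never
              + tlv(0x02, b"\x00") * 2      # sizeLimit, timeLimit
              + tlv(0x01, b"\x00")          # typesOnly=FALSE
              + flt
              + tlv(0x30, tlv(0x04, b"Netlogon")))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x63, search))

def classify(reply):
    """Map a UDP/389 reply (None = timeout) to a port state."""
    if reply is None:
        return "NO_REPLY"                   # listening-or-filtered: cannot tell which
    try:
        if reply[0] != 0x30:
            return "MALFORMED"
        i = 2 + (reply[1] & 0x7F if reply[1] & 0x80 else 0)   # skip SEQUENCE header
        i += 2 + reply[i + 1]                                  # skip messageID
        op = reply[i]
    except IndexError:
        return "MALFORMED"
    # 0x64 = searchResEntry, 0x65 = searchResDone: either proves a listener
    return "LISTENING" if op in (0x64, 0x65) else "UNEXPECTED"

def probe(host, dns_domain, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, 389))              # connected socket surfaces ICMP errors
        try:
            s.send(ldap_ping_request(dns_domain))
            return classify(s.recv(4096))
        except socket.timeout:
            return classify(None)
        except ConnectionError:             # ICMP port unreachable
            return "NOT_LISTENING"
```

A `NO_REPLY` result carries the same ambiguity as the "LISTENING or FILTERED" line quoted above; only a parsed LDAP reply settles it.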

