Hey al,
Something that has kind of been plaguing me and I want to understand what specifically is going on. My network at work is separated from our corporate network. If this is of importance, we do have a one-way incoming trust with them. There is a firewall between our site and the corporate network.
I'm using our maintenance / patching server (Ivanti Security Controls, but udp/389 is not a requirement), which at the current moment is attempting to scan machines in the corporate network that we still maintain. While investigating things, I do see that there are numerous requests on UDP/389 going to various domain controllers in the corporate environment..
- What is happening that this server is attempting to reach out to various domain controllers?
- If this connectivity is required, is it possible to limit which domain controllers that this specific machine will attempt to access udp/389?
Thanks for helping me learn. :)
No comments:
Post a Comment