Ping a Specific Port

Question

LeeM

Asked: 2014-04-17 21:42:02 +0800 CST2014-04-17 21:42:02 +0800 CST 2014-04-17 21:42:02 +0800 CST

Auditing anonymous binds to AD LDAP

772

We're about to commence an AD upgrade to 2012 R2, and I have just found to my horror that anonymous LDAP binds have been enabled in the 2003 domain.

We've certainly been issuing accounts for LDAP auth to non-Windows systems by policy, but before disabling the anonymous bind, we should probably do some due diligence to ensure no-one's just taking the anonymous shortcut.

Any suggestions has to how to audit anonymous operations in LDAP? Obviously it's possible to enable AD debug diagnostic logging, or perhaps use a tool like ADInsight, but I would have no idea what events to filter for.

1 Answers

Voted

LeeM · Answer 1 · 2014-05-22T20:47:23+08:00

Best Answer

LeeM

2014-05-22T20:47:23+08:002014-05-22T20:47:23+08:00

According to Microsoft PSS, there is no way of auditing whether the bind is anonymous or not.

If you enable the ldap debug log, it shows the bind activity, but it won't show any auth method that was used.

0

Auditing anonymous binds to AD LDAP

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?