I'm looking for guidance on how to log incoming network connections to my Domain Controller, specifically focusing on connections made over LDAP (port 389) versus LDAPS. I want to ensure that nothing is attempting to authenticate using LDAP before I shut it down. Ideally, I need to gather about a week's worth of connection data. Any suggestions on how I can accomplish this?
1 Answer
Just a heads up: checking the port alone might not be enough. If secure LDAP connections are being made using StartTLS over port 389, those connections will also be logged. Just something to keep in mind!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures