#monitor incoming port 389 requests

Discussion in 'Active Directory' started by Mike Bonvie, Feb 24, 2006.

  1. Mike Bonvie

    Mike Bonvie Guest


    We have a windows 2000 server in our AD environment which we want to retire.

    All FSMO roles are on 2003 servers

    This 2000 server functions as a GC, DNS, and an exchange/PF server. All
    mailboxes and the PF store have been removed from this server. No server in
    our domain uses this server as its DNS. It's basically a lame-duck server.
    We want to retire it as gracefully as possible.


    1.. We want to monitor specific incoming network traffic (port 389/ldap)
    to see what servers are talking on this port - some legacy apps "may" still
    use this server.

    I ran a netstat -na |findstr 389 which listed the hosts connecting on port
    389, is there some utililty (besides windows netmon or a 3rd party sniffer)
    which can generate historical data recording incoming ldap requests? I
    looked at perfmon, there's no counters for this traffic. Something similar
    to windows dns debugging would be great.

    2.. We want servers/computers to no longer use this server as its logon
    server. (this server is 1 of 3 AD servers in its site)

    Would putting this server in its own isolated site address hosts from using
    it as a logon server?

    Your feedback is appreciated.

    -Mike Bonvie

    Systems Engineer
    Mike Bonvie, Feb 24, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.