A quick command for checking if your Active Directory servers are all listening on LDAP. Guess who had an issue with that today? :)
dig +short domainname.internal | xargs -I{} sudo /usr/sbin/hping3 -S -p 389 -q -c 1 {} 2>&1 | egrep "(transmitted|hping)"
You’ll need hping3 - it’s installable with apt-get on Debian; I can’t comment on other distributions.
A quick explanation for each part:
dig +short domainname.internal - pull the IPs of the hosts in the domain entry - they’ll be your domain controllers
sudo - required because hping3 uses raw sockets
xargs - runs the next command on each input line
hping3 -S -p 389 - send a TCP SYN to the LDAP port (-S sets the SYN flag; without it hping3 sends a TCP packet with no flags set, which a listening port does not answer)
2>&1 - redirect STDERR to STDOUT to make it more easily filtered (hping3 writes its statistics to STDERR)
egrep - filter only the required lines
This’ll hit each server once and show an output like:
--- 1.2.2.2 hping statistic ---
1 packets transmitted, 0 packets received, 100% packet loss
It is dirty, but it works!
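A connect-based version of the same sweep, added here as an example and not from the original post: it resolves the domain’s A record like the one-liner does, but checks each DC by completing a TCP handshake through bash’s /dev/tcp, so it needs no root and it tells a refused connection apart from no answer at all. The script name ldapcheck.sh and the function names are assumptions; it assumes dig, timeout and bash are installed.

```shell
#!/bin/sh
# Added example (not from the original post): sweep every domain controller the
# AD domain's A record resolves to, completing a real TCP handshake on the LDAP
# port via bash's /dev/tcp. No raw sockets, so no root; a refused connection is
# reported separately from a silent one. Assumes dig, timeout and bash on PATH.
set -u

# Keep only IPv4 addresses: dig +short also prints CNAME targets when present.
filter_ipv4() {
    grep -E '^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
}

# dc_ips DOMAIN: one domain controller IP per line.
dc_ips() {
    dig +short "$1" A | filter_ipv4
}

# probe_port HOST PORT [TIMEOUT]: prints open, closed or timeout.
probe_port() {
    rc=0
    timeout "${3:-3}" bash -c "exec 3<>/dev/tcp/$1/$2" 2>/dev/null || rc=$?
    case $rc in
        0)   echo open ;;
        124) echo timeout ;;   # timeout(1) status: neither SYN/ACK nor RST came back
        *)   echo closed ;;    # connection refused (RST), or host unreachable
    esac
}

# sweep_ips PORT IP...: print "IP PORT STATUS" per host; the return value is the
# number of hosts that did not complete the handshake (0 = every DC listening).
sweep_ips() {
    port=$1; shift; down=0
    for ip in "$@"; do
        status=$(probe_port "$ip" "$port")
        echo "$ip $port $status"
        [ "$status" = open ] || down=$((down + 1))
    done
    return "$down"
}

# sweep DOMAIN [PORT]: resolve the domain, then probe each DC (default port 389).
sweep() {
    ips=$(dc_ips "$1")
    [ -n "$ips" ] || { echo "no A records for $1" >&2; return 255; }
    sweep_ips "${2:-389}" $ips   # unquoted on purpose: one argument per IP
}

# Usage: sh ldapcheck.sh domainname.internal [port]; exit status = DCs not listening.
if [ "$#" -gt 0 ]; then sweep "$1" "${2:-389}"; fi
```

Run it as `sh ldapcheck.sh domainname.internal` and check the exit status in a cron job or monitoring check; pass 636 or 3268 as the second argument to cover LDAPS or the Global Catalog port.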