Tags: active-directory, windows-authentication, asp.net-core-3.1

Windows Authentication, .NET Core 3.1 Razor Pages app: getting the logged-in user results in LDAP port 389 being used


I have implemented a .NET Core 3.1 Razor app that uses Windows authentication against Active Directory. It works fine for doing the authentication. However, when the app executes `User.Identity.Name` to find the currently logged-in user, Wireshark is picking up requests and responses that use LDAP port 389. Is there a way to make it use LDAP port 636?

I'm not sure whether I need to implement a custom authentication login, or whether I can use some other method to find the currently logged-in user that does not query LDAP.

Any advice would be greatly appreciated. Thank you.


Solution

  • I used Wireshark and the command line `netstat -b` to figure out that DFS and lsass.exe were making the insecure LDAP calls, not my .NET application. I turned off my application and monitored the network using Wireshark to figure this out. Then I used the `netstat -b` command in the command prompt to try to figure out which applications were making the calls to insecure LDAP.

    I tried to stop the DFS and lsass.exe services; however, stopping the lsass.exe process caused the computer to reboot.

    So I reached out to a Windows Server pro, and he suggested that I turn off incoming and outgoing traffic on port 389 in the Windows Firewall.

    And this essentially solved the issue of the insecure LDAP calls, which allowed my app to pass the cybersecurity test and get approved to go live.
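The two steps in the answer (find out which local process owns the port 389 connections, then block the port in the Windows Firewall) can be scripted. The following is an added example, not code from the question or the answer; it uses the built-in `Get-NetTCPConnection` and `New-NetFirewallRule` cmdlets, and the port numbers and rule names are assumptions chosen for the example. Run it in an elevated PowerShell session on the web server.

```powershell
# Added example (not from the question or the answer). Maps connections to the
# plaintext LDAP port and the LDAPS port to their owning process, which is what
# the answer did by hand with Wireshark and "netstat -b".

# Assumed port numbers for this example: 389 = LDAP, 636 = LDAPS.
$LdapPort  = 389
$LdapsPort = 636

function Get-LdapConnections {
    param([int[]]$Ports = @($LdapPort, $LdapsPort))

    Get-NetTCPConnection -ErrorAction SilentlyContinue |
        Where-Object { $Ports -contains $_.RemotePort } |
        ForEach-Object {
            # OwningProcess is the PID of the local endpoint; resolve it to a name.
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Process       = if ($proc) { $proc.ProcessName } else { "pid $($_.OwningProcess)" }
                PID           = $_.OwningProcess
                RemoteAddress = $_.RemoteAddress
                RemotePort    = $_.RemotePort
                State         = $_.State
            }
        }
}

# Anything on RemotePort 389 here is plaintext LDAP; the Process column tells you
# whether it is your app's worker process (w3wp / dotnet) or a system service.
Get-LdapConnections | Sort-Object RemotePort, Process | Format-Table -AutoSize

# Firewall rules equivalent to the answer's fix: block plaintext LDAP in both
# directions. Rule names are assumed. -WhatIf only previews; remove it to apply.
New-NetFirewallRule -DisplayName "Block LDAP 389 outbound" -Direction Outbound `
    -Protocol TCP -RemotePort $LdapPort -Action Block -WhatIf
New-NetFirewallRule -DisplayName "Block LDAP 389 inbound"  -Direction Inbound  `
    -Protocol TCP -LocalPort  $LdapPort -Action Block -WhatIf
```

Run the first part before and after the firewall change to confirm that the only remaining directory traffic is on port 636. Note that the answer's fix blocks port 389 for every process on the machine, not just the web app; on a domain-joined server, Windows itself uses port 389 (including UDP 389 for the domain controller locator ping), so test group-policy processing, domain logons and DFS after applying the rules rather than assuming only the application is affected.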