My Oracle Support Banner

SMB Server Is Sending Simple / Anonymous LDAP Bind Requests To Windows Domain Controller (Doc ID 2032384.1)

Last updated on JANUARY 11, 2021

Applies to:

Solaris Operating System - Version 11.1 to 11.2 [Release 11.0]
Information in this document applies to any platform.


Error message recorded in /var/adm/messages:
smbd[PID]: [ID 649633 daemon.notice] ndr_rpc_bind[tid=8]: \\ad-server.domain\PIPE\lsarpc: Permission denied (13)

SMB Server is sending simple LDAP bind requests to Domain Controller.

SMB server is trying to anonymously bind with the Domain Controller.

The anonymous bind has a empty username and password.

Security monitoring may raise concerns about un-authenticated requests or user authentication such as passwords will be sent in clear text.



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.