Port 3268 — LDAP GC

TCP · Port 3268/TCP is used for the Lightweight Directory Access Protocol (LDAP) Global Catalog service, which provides a unified view of all objects in an Active Directory forest. This service enables clients to query and retrieve information about objects across multiple domains. The security relevance lies in its role as a critical component of directory services, requiring proper configuration and access control to prevent unauthorized access.

Port Number: 3268
Service Name: LDAP GC
Protocol: TCP
Common Software: Active Directory

Security Notes

Review IANA registry for port 3268 usage. Apply principle of least privilege - only open ports that are required.

FAQ

What is port 3268 used for?

Port 3268 is used for LDAP GC. Port 3268/TCP is used for the Lightweight Directory Access Protocol (LDAP) Global Catalog service, which provides a unified view of all objects in an Active Directory forest. This service enables clients to query and retrieve information about objects across multiple domains. The security relevance lies in its role as a critical component of directory services, requiring proper configuration and access control to prevent unauthorized access. Common software: Active Directory.

Is port 3268 dangerous to leave open?

Review IANA registry for port 3268 usage. Apply principle of least privilege - only open ports that are required.

How do I check if port 3268 is open?

Use nmap: nmap -p 3268 <target> or check locally: ss -tlnp | rg 3268