LDAP
What is Port 389?
Port 389 is the default port for the Lightweight Directory Access Protocol (LDAP), a standard protocol for accessing and maintaining distributed directory information services. Defined in RFC 4511, LDAP is used to store and retrieve information about users, groups, computers, and other resources in a hierarchical directory structure. Microsoft Active Directory, OpenLDAP, and other directory services use LDAP as their primary access protocol. LDAP supports operations like bind (authenticate), search, add, delete, modify, and compare. It uses a tree-like structure (DIT — Directory Information Tree) with distinguished names (DNs) for addressing entries. LDAP is fundamental to enterprise identity management, enabling centralized authentication, authorization, and user directory services across organizations of all sizes.
Common Uses
- Active Directory user and group management
- Centralized authentication for enterprise applications
- Email address book and contact directory lookups
- Certificate and public key distribution
- VPN and Wi-Fi authentication backends
Technical Details
Copy-paste commands to check port 389 (LDAP) from your terminal
Test connectivity
nc -zv example.com 389
curl -v --max-time 5 ldap://example.com:389/
telnet example.com 389
nmap -p 389 -sV example.com
(echo > /dev/tcp/example.com/389) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 389/tcp
sudo iptables -A INPUT -p tcp --dport 389 -j ACCEPT
sudo firewall-cmd --permanent --add-port=389/tcp && sudo firewall-cmd --reload
Security Considerations
LDAP on port 389 transmits data, including credentials, in plaintext by default. Use LDAPS (port 636) for TLS-encrypted connections or enable STARTTLS on port 389. LDAP injection attacks, in which unescaped user input ends up inside a search filter, can bypass authentication. Bind with a service account rather than allowing anonymous access. Implement proper access controls and audit LDAP query patterns for suspicious activity.
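The LDAP injection risk above comes from building search filters out of raw user input. The following added example (not from the original page) shows the weak concatenation next to a form that escapes the value per RFC 4515; the `uid` attribute, the `person` object class, the function names and the sample inputs are all constructed for illustration.

```python
# Added example: escaping user input before it enters an LDAP search filter.
# Attribute names, function names and sample inputs are constructed.

# RFC 4515 section 3: these characters must be written as backslash + 2 hex digits.
_FILTER_SPECIALS = {"\\", "*", "(", ")", "\x00"}


def escape_filter_value(value: str) -> str:
    """Escape a value for use inside one filter assertion (RFC 4515)."""
    return "".join(
        "\\%02x" % ord(ch) if ch in _FILTER_SPECIALS else ch for ch in value
    )


def unsafe_user_filter(username: str) -> str:
    """Weak form: the input is concatenated straight into the filter."""
    return "(&(objectClass=person)(uid=" + username + "))"


def safe_user_filter(username: str) -> str:
    """Hardened form: the input can only ever be a literal value."""
    return "(&(objectClass=person)(uid=" + escape_filter_value(username) + "))"


def filter_shape(filter_text: str) -> tuple:
    """Return (number of filter components, number of raw wildcards).

    Escaped input contains no literal '(' or '*', so for the filters built
    above the shape of the safe form is always (3, 0).
    """
    return filter_text.count("("), filter_text.count("*")


if __name__ == "__main__":
    # Constructed inputs: a normal name, a wildcard, and one with parentheses.
    for name in ["alice", "*", "a)(cn=b"]:
        weak, hardened = unsafe_user_filter(name), safe_user_filter(name)
        print(repr(name))
        print("  unsafe:", weak, filter_shape(weak))
        print("  safe:  ", hardened, filter_shape(hardened))
```

Values placed into a distinguished name need RFC 4514 escaping instead, which is a different rule set from the filter escaping shown here.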