Hi, I have a problem in my environment concerning Active Directory and LDAP port 389. My scenario: I have Active Directory across 2 sites, and each site has 2 Active Directory servers. I have assigned all networks to subnets in Active Directory Sites and Subnets with the correct configuration. I have a DHCP server in each site, and each site's DHCP configures DNS (DHCP option) to point to that site's DNS servers.
My firewall application, which is located between the sites to inspect the traffic, shows that some client computers using DHCP are making LDAP connections across sites (e.g. a computer in site A calls LDAP 389 on an Active Directory server in site B).
The problems I found are listed below:
1. Is this LDAP connection behaviour normal for an Active Directory configuration? If not, which component do I have to check?
2. Is it possible that some application on the client computer queries data from Active Directory, is not set up properly, and this lets the application connect to another site?
3. If this LDAP use does not come from Active Directory itself (or is related to question 2), can you please point to a documentation guide or a way to prove this?
Thank you