
henry_kay_36032
Jun 27, 2014

Different response on different platforms

hi all,


I wonder if anyone has met with this kind of issue before.


I was configuring AD authentication in APM. I configured the AAA server with AD and the necessary information. On the 3900, I am able to query the AD and retrieve the necessary group information. However, when I use exactly the same configuration on the VIPRION and the 8900, the AD query is rejected.


I carried on and tried a test with my VE version as the platform. This time, I am able to query the AD and retrieve the group info.


Has anyone met this before?


5 Replies

  • kunjan

    You can try a cmd line test using adtest to check if that works.


    adtest -t query -h "host.siterequest.com" -r "siterequest.com" -A Administrator -W password1!a -u user1


    You may have to verify the DNS and NTP settings as well.


  • I cannot imagine that the platform itself would make a difference here. I would suggest starting with a tcpdump capture to see what that query traffic looks like. If you see good back and forth data between APM and the AD, then:


    1. Enable debug logging in APM and tail the APM log (tail -f /var/log/apm).


    2. Run a Wireshark capture on the DC and set a display filter for "kerberos or dns or ldap" (without the quotes).


  • Hi kelivn,


    I did a dump and both give me the same result, but one can query and one cannot. Didn't get to try Wireshark yet. Will try it out and see what the outcome is.


  • i did a dump and both give me the same result but one can query and one cannot

    Were you looking at the port 389 LDAP traffic? You should be able to expose that data in the tcpdump with the -Xs0 option.

    tcpdump -lnni 0.0 -Xs0 port 389

    It won't be pretty to look at, but you should be able to see some of the LDAP request and response data. A Wireshark capture will do the same thing, but give you an expanded view of the LDAP.
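As an added example that is not part of this thread (and not F5, tcpdump or Wireshark code): a small Python decoder that takes the hex column of a tcpdump -X dump of port 389 traffic, parses the LDAP BindResponse and reports the resultCode, plus, for an AD domain controller, the "data NNN" sub-status that AD embeds in the diagnostic string, which is what actually says why a bind was rejected (wrong password, disabled account, locked out, and so on). The sample PDUs are constructed inside the block; the dump covers only the LDAP payload, so in a real capture the IP and TCP headers have to be skipped first (or let Wireshark decode it); and the AD sub-status table is the usual Windows logon-failure codes, not something taken from this thread.

```python
"""Decode LDAP BindResponse PDUs pulled out of a port-389 tcpdump -X dump and
report the resultCode. Added example for this thread; it is not F5 or tcpdump
code, and every packet below is constructed, not captured from a real DC."""
import re

# resultCode values from RFC 4511 (the subset that shows up in AD auth trouble)
RESULT_CODES = {
    0: "success", 7: "authMethodNotSupported", 8: "strongerAuthRequired",
    32: "noSuchObject", 48: "inappropriateAuthentication",
    49: "invalidCredentials", 50: "insufficientAccessRights",
}

# AD puts a Windows sub-status in the diagnostic string ("... data 52e, ...");
# these are the common ones and explain why a bind with code 49 was rejected.
AD_DATA_CODES = {
    "525": "user not found", "52e": "invalid credentials",
    "530": "logon not permitted at this time",
    "531": "logon not permitted at this workstation",
    "532": "password expired", "533": "account disabled", "701": "account expired",
    "773": "user must reset password", "775": "account locked out",
}


def read_tlv(buf, pos):
    """Read one BER TLV at buf[pos]; return (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def encode_tlv(tag, value):
    """BER TLV with short- or long-form length; used only to build samples."""
    if len(value) < 0x80:
        return bytes([tag, len(value)]) + value
    lb = len(value).to_bytes((len(value).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def build_bind_response(msg_id, result_code, diag=b""):
    """LDAPMessage { messageID, BindResponse [APPLICATION 1] {...} } (sample builder)."""
    op = (encode_tlv(0x0A, bytes([result_code]))  # ENUMERATED resultCode
          + encode_tlv(0x04, b"")                  # matchedDN, empty
          + encode_tlv(0x04, diag))                # diagnosticMessage
    return encode_tlv(0x30, encode_tlv(0x02, bytes([msg_id])) + encode_tlv(0x61, op))


def parse_bind_response(buf):
    """Return the decoded BindResponse fields, or None if buf is not one.
    Tags: 0x30 SEQUENCE, 0x02 INTEGER messageID, 0x61 = [APPLICATION 1] BindResponse."""
    tag, msg, _ = read_tlv(buf, 0)
    if tag != 0x30:
        return None
    tag, mid, pos = read_tlv(msg, 0)
    if tag != 0x02:
        return None
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x61:
        return None
    _, code, pos = read_tlv(op, 0)
    _, matched, pos = read_tlv(op, pos)
    _, diag, _ = read_tlv(op, pos)
    rc = int.from_bytes(code, "big")
    text = diag.decode("utf-8", errors="replace")
    m = re.search(r"\bdata ([0-9a-f]{3})\b", text)
    return {
        "messageID": int.from_bytes(mid, "big"),
        "resultCode": rc,
        "result": RESULT_CODES.get(rc, "other"),
        "matchedDN": matched.decode("utf-8", errors="replace"),
        "diagnosticMessage": text,
        "adReason": AD_DATA_CODES.get(m.group(1), "unknown sub-status") if m else None,
    }


def hexdump_to_bytes(lines):
    """Collect the hex column of tcpdump -X lines ('0x0000:  300c 0201 ...  0....').
    The ASCII column after the double space is dropped. The dump must start at
    the LDAP payload: in a real capture, skip the IP and TCP headers first."""
    out = bytearray()
    for line in lines:
        _, _, rest = line.partition(":")
        out += bytes.fromhex(rest.strip().split("  ")[0].replace(" ", ""))
    return bytes(out)


# Constructed samples: a clean bind as a tcpdump -X style dump of the LDAP
# payload only, and a rejected bind carrying an AD-style diagnostic string.
OK_DUMP = ["\t0x0000:  300c 0201 0161 070a 0100 0400 0400       0....a........"]
REJECTED_RESPONSE = build_bind_response(2, 49, b"AcceptSecurityContext error, data 52e, v1db1")

if __name__ == "__main__":
    for pdu in (hexdump_to_bytes(OK_DUMP), REJECTED_RESPONSE):
        print(parse_bind_response(pdu))
```

Run against the two units in this thread, the useful comparison is the resultCode and the AD sub-status of the BindResponse on the unit that fails: a code 49 with data 52e points at the credentials or the account APM presents, whereas no BindResponse at all (only retransmissions or a reset) points at the network path, DNS or NTP rather than the AD configuration itself.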