windows ad kdc authentication (rst packet)
Dear friends,
Recently, our company implemented a system that integrates with Active Directory (AD) for authentication, and everything worked fine. However, we recently purchased an additional module, and when uploading a document, this module performs an AD authentication. During this authentication process, we encountered a failure. The vendor's engineer used Wireshark and found that when communicating with the AD domain controller (on port 389), there was an RST (reset) flag. This issue occurs intermittently, sometimes it appears, and other times it doesn’t.
I installed Wireshark on other systems that are also integrated with AD for authentication and observed that every application server account authentication attempt with AD over LDAP shows an RST, but AD authentication still works without any problems.
My questions are:
Is it reasonable for an RST to appear during authentication between Windows AD and other systems, even though everything seems to work fine?
Are there any Windows AD documents or references that can confirm this behavior is "normal" or not an issue?
Thank you.