Menu
▾
▴
Re: [PacketFence-users] Microsoft hardening AD/LDAP connections in March updates
|
From: Friede, T. <tob...@wk...> - 2020-01-24 14:51:20
|
Hi, maybe interesting: If you want to see clients which are using insecure ldap connections, just enable the diagnostic feature on all Domain Controllers. Reg Add HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v "16 LDAP Interface Events" /t REG_DWORD /d 2 (No reboot required) After that, you will see log entries in your event log for each insecure connection. Tobias -----Ursprüngliche Nachricht----- Von: Nicolas Quiniou-Briand via PacketFence-users <pac...@li...> Gesendet: Freitag, 24. Januar 2020 15:25 An: pac...@li... Cc: Nicolas Quiniou-Briand <nq...@in...> Betreff: Re: [PacketFence-users] Microsoft hardening AD/LDAP connections in March updates Hello, I tested those changes today with a PacketFence server. If your AD authentication sources don't use a LDAPS or StartTLS connection, these changes will break them. You need to switch to StartTLS or LDAPS. -- Nicolas Quiniou-Briand nq...@in... :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org) _______________________________________________ PacketFence-users mailing list Pac...@li... https://lists.sourceforge.net/lists/listinfo/packetfence-users |
