Hi, maybe interesting:
If you want to see clients which are using insecure ldap connections, just enable the diagnostic feature on all Domain Controllers. Reg Add HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics /v "16 LDAP Interface Events" /t REG_DWORD /d 2 (No reboot required) After that, you will see log entries in your event log for each insecure connection. Tobias -----Ursprüngliche Nachricht----- Von: Nicolas Quiniou-Briand via PacketFence-users <[email protected]> Gesendet: Freitag, 24. Januar 2020 15:25 An: [email protected] Cc: Nicolas Quiniou-Briand <[email protected]> Betreff: Re: [PacketFence-users] Microsoft hardening AD/LDAP connections in March updates Hello, I tested those changes today with a PacketFence server. If your AD authentication sources don't use a LDAPS or StartTLS connection, these changes will break them. You need to switch to StartTLS or LDAPS. -- Nicolas Quiniou-Briand [email protected] :: +1.514.447.4918 *140 :: https://inverse.ca Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence (https://packetfence.org) and Fingerbank (http://fingerbank.org) _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
