Here's more details on the "event 2889" hotfix -- bindings being mis-reported as insecure bindings. For W2016. This is from our AD team:
On Windows 2016 fix, it was released in August update - https://support.microsoft.com/en-us/help/4571694 <https://nam06.safelinks.protection.outlook.com/?url=https://support.microsoft.com/en-us/help/4571694&data=02%7c01%7cLuis.Barahona%40microsoft.com%7c544f7d346ef94af8317b08d86c6a48a1%7c72f988bf86f141af91ab2d7cd011db47%7c1%7c0%7c637378551041053221&sdata=WN1tc7NYaVWkXFLsAN4HvwHsARvUiQURLCzYhGrT0rI%3D&reserved=0> This update has been replaced by the following updates: 2020-09 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4577015) 2020-10 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4580346) In testing today, our AD team reports this: ok, we are getting a 2889 on 2012 but not on 2016 so we will report that back I want to see if 2016 is correctly detecting so we can have them do the same on 2012. (Our AD DCs are a mix of W2016 and W2012). Spike On Wed, Oct 14, 2020 at 1:06 AM Sumit Bose <[email protected]> wrote: > On Tue, Oct 13, 2020 at 05:19:31PM -0300, Andreas Hasenack wrote: > >On Tue, Oct 13, 2020 at 5:04 PM Spike White <[email protected]> > wrote: > >> > >> Yes, correct. So that MS hotfix: > >> > >> Addresses an issue that incorrectly reports Lightweight Directory > Access Protocol (LDAP) sessions as unsecure sessions in Event ID 2889. This > occurs when the LDAP session is authenticated and sealed with a Simple > Authentication and Security Layer (SASL) method. > >> > >> is for W2019. > > > >Isn't it[1] for windows 10? At first I thought it was for the server, > >and "blindly" downloaded it. I only realized it was for windows 10 > >when I tried to install it. So what are they changing on the > >client-side to get rid of the log on the server? > > Hi, > > in the small print is says "Applies to: Windows 10, version 1809, all > editions, Windows Server version 1809, Windows Server 2019, all editions". > > bye, > Sumit > > > > >1. > https://support.microsoft.com/en-us/help/4559003/windows-10-update-kb4559003 > >_______________________________________________ > >sssd-users mailing list -- [email protected] > >To unsubscribe send an email to [email protected] > >Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > >List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > >List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] >
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
