I am getting this warning in the event manager of Server 2008. I have
no idea where to go to fix the problem and the url given is not
functional. Can anyone help? I'm trying to learn Server 2008, so I'm
new at it...
The security of this directory server can be significantly enhanced by
configuring the server to reject SASL (Negotiate, Kerberos, NTLM, or
Digest) LDAP binds that do not request signing (integrity
verification) and LDAP simple binds that are performed on a cleartext
(non-SSL/TLS-encrypted) connection. Even if no clients are using such
binds, configuring the server to reject them will improve the security
of this server.
Some clients may currently be relying on unsigned SASL binds or LDAP
simple binds over a non-SSL/TLS connection, and will stop working if
this configuration change is made. To assist in identifying these
clients, if such binds occur this directory server will log a summary
event once every 24 hours indicating how many such binds occurred.
You are encouraged to configure those clients to not use such binds.
Once no such events are observed for an extended period, it is
recommended that you configure the server to reject such binds.
For more details and information on how to make this configuration
change to the server, please see
http://go.microsoft.com/fwlink/?LinkID=87923.
You can enable additional logging to log an event each time a client
makes such a bind, including information on which client made the
bind. To do so, please raise the setting for the "LDAP Interface
Events" event logging category to level 2 or higher.
Similar Threads
Linear Mode
