Forum Discussion

Gurdev Singh
Iron Contributor
Jan 22, 2020

Impact of Microsoft enforcing LDAPS

Has anyone considered the recent Microsoft announcement of enforcing LDAPS for Active Directory? As AAD Connect is connecting to AD, I wonder if this will have any impact on AAD Connect.

Furthermore, what about the impact on standard AD PowerShell commands like Get-ADUser or Set-ADUser and C# DirectorySearcher?

  • Mark Lewis
    Brass Contributor

    Gurdev Singh, those applications aren't connecting to AD using LDAP. If you have auditing enabled, or you have tools such as Azure ATP/Advanced Threat Analytics, you will see what is using LDAP rather than LDAPS. The impact is more likely to be on things like the VPN appliance, TeamCity if you use it, and other applications using LDAP auth/lookup, not RADIUS, Kerberos, SAML etc.
