ldaps vs. Require LDAP Signing on domain

Question

Hello&nbsp;I'm trying to understand the preferred method?&nbsp; Currently i have a number of client\applications that are making ldap binds to DC's over non secure port. From reading on how to remediate this it sounds like i have two options . #1 configure GPO on all DC's for "Require LDAP Signing on domain" or #2 install a cert on every DC, then configure client\apps to connect over port 636&nbsp;Trying to understand the best option ?Thank you&nbsp;

dave patrick · Answer

Please stick to one thread.
https://techcommunity.microsoft.com/t5/windows-server-for-it-pro/force-ldaps-on-domain-controllers/td-p/2834151
&nbsp;
&nbsp;

Forum Discussion

ldaps vs. Require LDAP Signing on domain

1 Reply

Resources