Forum Discussion
hiroki
Oct 18, 2024Copper Contributor
Is Enforcing LDAP Signing enabled by default starting with Windows Server 2025?
When connecting to Windows Server 2025 (Preview) using LDAP simple bind, the server rejected the bind. 「The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection」was displayed as an error message.
If you change the LDAP server signing requirement from the default value to disabled according to the page below, LDAP simple bind will succeed.
https://learn.microsoft.com/ja-jp/troubleshoot/windows-server/active-directory/enable-ldap-signing-in-windows-server
Is Enforcing LDAP Signing enabled by default starting with Windows Server 2025?
If so, where is the announcement about enabling LDAP server signing requirements?
- Joachim_OtahalIron ContributorOh, they are finally enforcing this by default? They wanted to enforce this since 2007! (i.e. since Vista / Server 2008 without R2). Sure about time!
- hirokiCopper Contributor
Default enforcement of LDAP signing was mentioned by Microsoft's Cliff Fisher at Windows Server Summit 2024.
https://techcommunity.microsoft.com/t5/windows-server-events/what-s-new-in-active-directory-for-windows-server-2025/ev-p/4080118