Hi All,
We are just reviewing our LDAP/LDAPS situation across all services to ensure SSL / Port 636 is being used as appropriate when doing any Active Directory lookups.
The problem is I can't find definitive information that Horizon is doing this.
Can anyone point to details about this?
There certainly aren't any GUI settings to enable a secure channel - I would assume it is all running on secure as standard, but confirmation is needed.
Thanks.
Because Connection Servers are domain-joined, they leverage typical Windows client -> DC comms. This is why no service account is needed for AD authentication - the Computer Account is utilized. As long as your Domain Controllers have a valid certificate and listen on LDAPS/636, the Windows clients (and Connection Servers) will prefer that channel.
Because Connection Servers are domain-joined, they leverage typical Windows client -> DC comms. This is why no service account is needed for AD authentication - the Computer Account is utilized. As long as your Domain Controllers have a valid certificate and listen on LDAPS/636, the Windows clients (and Connection Servers) will prefer that channel.