I've been reading this VMware blog post:
VMware vSphere & Microsoft LDAP Channel Binding & Signing (ADV190023) - VMware vSphere Blog
According to it, because I'm using "Active Directory (Integrated Windows Authentication)" my vCenters should not be affected by Microsoft's forthcoming changes to LDAP authentication.
However, when I've turned on extra monitoring of LDAP connections on my domain controllers, it is seeing my Platform Services Controller logging into LDAP insecurely with their machine accounts.
This is on VSCA 6.5 U3f, with external PSCs.
Anyone know what's going on here?
Hello,
Are you talking about the event ID 2889 which are getting logged in your Domain Controllers?
If yes, then VMware is still investigating on the issue and there is no solution/workaround for the Customers using IWA as identity source.
Hello,
Are you talking about the event ID 2889 which are getting logged in your Domain Controllers?
If yes, then VMware is still investigating on the issue and there is no solution/workaround for the Customers using IWA as identity source.
Moderator: Moved to vCenter Server
Hi,
have you seen these other two posts?
ARomeo
Are you talking about the event ID 2889 which are getting logged in your Domain Controllers?
If yes, then VMware is still investigating on the issue and there is no solution/workaround for the Customers using IWA as identity source.
Yep, that's the one.
Do you have a link to any further information on this?
Cheers!
Currently, there is no article/KB as investigation is still going on. As there is no clarity which component is generating these events.
will this cause intermittent authentication issues?