22 Replies. Latest reply on Apr 23, 2020 2:38 AM by vFaust09

    vCenter LDAP binding and signing

    LucFullenwarth Novice

      According to Microsoft, LDAP binding and signing will automatically be enforced in January 2020.




      I have enabled LDAP logging on domain controllers.


      Set-ItemProperty hklm:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics -Name '16 LDAP Interface Events' -Value 2


      It appears that the vCenter is coming out in the "Directory Service" log with a lot of 2889 events:


      The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind without requesting signing (integrity verification),
      or performed a simple bind over a clear text (non-SSL/TLS-encrypted) LDAP connection.


      Does anyone know how to make the vCenter (vSphere 6.7U3) use LDAP binding (No anonymous or Simple but SASL authentication) and signing?

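To see which clients are behind the 2889 events described in the post, and whether each one is an unsigned SASL bind or a clear-text simple bind, the PowerShell below groups the events by client IP, identity and bind type. It is an added example, not part of the original thread; it assumes the event's insertion strings are client IP:port, identity and bind type (0 = SASL without signing, 1 = simple bind over clear text), and the function name and sample records are constructed.

```powershell
# Added example: summarize Event ID 2889 records by client, identity and bind type.
# Assumption: Properties[0] = "IP:port", Properties[1] = identity,
#             Properties[2] = bind type (0 = unsigned SASL, 1 = clear-text simple bind).
function Get-InsecureLdapBindSummary {   # hypothetical helper name
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        $Record
    )
    begin { $rows = [System.Collections.Generic.List[object]]::new() }
    process {
        $client = [string]$Record.Properties[0].Value
        # Drop the ephemeral source port so repeated binds from one host group together.
        # Handles "192.0.2.10:51234" and bracketed IPv6 such as "[2001:db8::5]:51234".
        $ip = $client -replace ':\d+$', '' -replace '^\[|\]$', ''
        $bindType = switch ([int]$Record.Properties[2].Value) {
            0       { 'SASL bind without signing' }
            1       { 'Simple bind over clear text' }
            default { "Unknown ($_)" }
        }
        $rows.Add([pscustomobject]@{
            ClientIP = $ip
            Identity = [string]$Record.Properties[1].Value
            BindType = $bindType
        })
    }
    end {
        $rows | Group-Object ClientIP, Identity, BindType |
            Sort-Object Count -Descending |
            ForEach-Object {
                [pscustomobject]@{
                    Count    = $_.Count
                    ClientIP = $_.Group[0].ClientIP
                    Identity = $_.Group[0].Identity
                    BindType = $_.Group[0].BindType
                }
            }
    }
}

# Constructed sample records shaped like the objects Get-WinEvent returns.
$sample = @(
    [pscustomobject]@{ Properties = @(@{Value='192.0.2.10:51234'}, @{Value='EXAMPLE\svc-vcenter'}, @{Value=1}) }
    [pscustomobject]@{ Properties = @(@{Value='192.0.2.10:51240'}, @{Value='EXAMPLE\svc-vcenter'}, @{Value=1}) }
    [pscustomobject]@{ Properties = @(@{Value='[2001:db8::5]:49200'}, @{Value='EXAMPLE\app01$'}, @{Value=0}) }
)
$sample | Get-InsecureLdapBindSummary | Format-Table -AutoSize

# On a domain controller with the diagnostics value above set to 2:
# Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2889 } |
#     Get-InsecureLdapBindSummary | Format-Table -AutoSize
```

A row with bind type 1 for the vCenter address means it is doing a simple bind over port 389, so moving that identity source to LDAPS addresses it; bind type 0 means the client negotiates SASL but does not request signing.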