I am doing a bunch of tests in a lab environment where I could confirm the behavior of vCenter, Horizon and App Volumes with regards to the Microsoft march update.

All 3 are OK with LDAP signing when configured as LDAPS.

However App Volumes is not OK with Channel Binding when LdapEnforceChannelBinding is set to 2 (ok if set to 1).

In the logs I get an LDAP 49 error (failed login) even though the creds are correct.

The server is patched windows udpate wise.

I get a 1216 in the Directory Service diagnostic event log on the DC.

3 questions :

• Will the Microsoft update set LdapEnforceChannelBinding  to 1 or 2 ?
• Is App Volumes just not compatible with channel binding tokens ?
• Am I missing something?