Domain controller: LDAP server channel binding token requirementsID: oval:org.secpod.oval:def:92709 | Date: (C)2023-08-29 (M)2023-12-12 |
Class: COMPLIANCE | Family: windows |
This setting determines whether the LDAP server (Domain Controller) enforces
validation of Channel Binding Tokens (CBT) received in LDAP bind requests that are sent over SSL/TLS (i.e. LDAPS).
For more information, see https://support.microsoft.com/help/4034879 .
Some important points:
* Before configuring this setting to "Enabled, always," all clients must have installed the security update described in CVE-2017-8563 (https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8563).
Platform: |
Microsoft Windows Server 2016 |