This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Event 2887
Event 2887

Version management

Difference between version and

At line 1 added 19 lines
!!! Overview
[{$pagename}] (DIRLOG_WOULD_REJECT_UNSIGNED_CLIENTS) is an [Windows Security Log Event] within the [Microsoft Windows] [Logging] system to assist in [LDAPServerIntegrity]
[{$pagename}] indicates:
* This [Domain Controller] is configured to accept binds using [LDAPServerIntegrity] but __NOT__ currently configured to reject [LDAPServerIntegrity] for [Bind Request]
* The number of [Bind Request] this [Domain Controller] received from [DUA] within the past 24 hours __without__ using [LDAPServerIntegrity]
Setting for the "LDAP Interface Events" event logging category to level 2 or higher allows viewing:
* Number of simple binds performed without SSL/TLS: "Value"
* Number of Negotiate/Kerberos/NTLM/Digest binds performed without signing: "Value"
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Event ID 2887 — LDAP signing|https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd941856(v=ws.10)?redirectedfrom=MSDN|target='_blank'] - based on information obtained 2020-01-18
* [#2] - [LDAP signing|https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd941832(v=ws.10)?redirectedfrom=MSDN|target='_blank'] - based on information obtained 2020-01-18
* [#3] - [Identifying Clear Text LDAP binds to your DC's|https://docs.microsoft.com/en-us/archive/blogs/russellt/identifying-clear-text-ldap-binds-to-your-dcs|target='_blank'] - based on information obtained 2020-01-18
* [#4] - [Query-InsecureLDAPBinds.ps1|https://github.com/russelltomkins/Active-Directory/blob/master/Query-InsecureLDAPBinds.ps1|target='_blank'] - based on information obtained 2020-01-18
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop