!!! Overview [{$pagename}] (DIRLOG_WOULD_REJECT_UNSIGNED_CLIENTS) is an [Windows Security Log Event] within the [Microsoft Windows] [Logging] system to assist in [LDAPServerIntegrity] [{$pagename}] indicates: * This [Domain Controller] is configured to accept binds using [LDAPServerIntegrity] but __NOT__ currently configured to reject [LDAPServerIntegrity] for [Bind Request] * The number of [Bind Request] this [Domain Controller] received from [DUA] within the past 24 hours __without__ using [LDAPServerIntegrity] Setting for the "LDAP Interface Events" event logging category to level 2 or higher allows viewing: * Number of simple binds performed without SSL/TLS: "Value" * Number of Negotiate/Kerberos/NTLM/Digest binds performed without signing: "Value" !! More Information There might be more information for this subject on one of the following: [{ReferringPagesPlugin before='*' after='\n' }] ---- * [#1] - [Event ID 2887 — LDAP signing|https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd941856(v=ws.10)?redirectedfrom=MSDN|target='_blank'] - based on information obtained 2020-01-18 * [#2] - [LDAP signing|https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd941832(v=ws.10)?redirectedfrom=MSDN|target='_blank'] - based on information obtained 2020-01-18 * [#3] - [Identifying Clear Text LDAP binds to your DC's|https://docs.microsoft.com/en-us/archive/blogs/russellt/identifying-clear-text-ldap-binds-to-your-dcs|target='_blank'] - based on information obtained 2020-01-18 * [#4] - [Query-InsecureLDAPBinds.ps1|https://github.com/russelltomkins/Active-Directory/blob/master/Query-InsecureLDAPBinds.ps1|target='_blank'] - based on information obtained 2020-01-18