Overview#
Event 2888 (DIRLOG_HAVE_REJECTED_UNSIGNED_CLIENTS) is an Windows Security Log Event within the Microsoft Windows Logging for LDAPServerIntegrityEvent 2888 indicates:
- This Domain Controller is currently configured to request and reject clients NOT USING LDAPServerIntegrity for Bind Request.
- The number of Bind Request this Domain Controller REJECTED from DUA within the past 24 hours without LDAPServerIntegrity
Setting for the "LDAP Interface Events" event logging category to level 2 or higher allows viewing:
- Number of simple binds performed without SSL/TLS: "Value"
- Number of Negotiate/Kerberos/NTLM/Digest binds performed without signing: "Value"
More Information#
There might be more information for this subject on one of the following:- [#1] - Event ID 2888 — LDAP signing
- based on information obtained 2020-01-18
- [#2] - LDAP signing
- based on information obtained 2020-01-18