Windows 10: Some DCs require GSSAPI for LDAP connetions

Discus and support Some DCs require GSSAPI for LDAP connetions in Windows 10 Gaming to solve the problem; I have weird issue that has cropped up. We have 8 writable Domain Controllers and 2 RODCs, all are 2016.We updated all but 3 DCs to block use of... Discussion in 'Windows 10 Gaming' started by Jez Roberts, Jan 23, 2023.

  1. JEZ ROBERTS
    Jez Roberts Win User

    Some DCs require GSSAPI for LDAP connetions


    I have weird issue that has cropped up. We have 8 writable Domain Controllers and 2 RODCs, all are 2016.We updated all but 3 DCs to block use of TLS1.0/1.1 and bunch of depricated hashes and cyphers etc.After this we have noticed some issues with LDAP queries from some applications to specific DCs, they appear to make a connection but can not enumerate AD.I have reverted the changes, even to the extent of positively allowing the previously blocked stuff, but the problem persists.Using LDP and LDAPAdmin I can make a connection, however, a Bind fails unless I use GSSAPI on LDAPAdmin and Negotiat

    :)
     
    Jez Roberts, Jan 23, 2023
    #1
  2. SHIBDIB
    ShiBDiB Win User

    eJabberd and LDAP Question

    Trying to setup mod_shared_roster_ldap and can't seem to get it to work.

    Currently using this config
    Code: mod_shared_roster_ldap: ldap_base: "dc=the-culture,dc=eu" ldap_rfilter: "(objectClass=inetOrgPerson)" ldap_groupattr: "corporation" ldap_memberattr: "characterName" ldap_filter: "(memberUid=*)" ldap_userdesc: "characterName"[/quote] With this LDAP setup

    Some DCs require GSSAPI for LDAP connetions H7A5qe7.png


    My understanding of LDAP is limited as this is the first time I've used it so it's possible I'm missing something basic. But I'm trying to have my contact lists show the users separated based on the corporation attribute.
     
    ShiBDiB, Jan 23, 2023
    #2
  3. ANTONIOSIM
    AntoniosIM Win User
    Security update - 2020 LDAP channel binding and LDAP signing requirement for Windows

    I have a question related to the security update (2020 LDAP channel binding and LDAP signing requirement for Windows) described

    in https://support.microsoft.com/en-us...ding-and-ldap-signing-requirement-for-windows

    Is there a way to configure the domain controller, so that even if secure binding becomes enabled by default, application servers (sending the windows credentials to domain controller) can override that in some way to support simple binding?
     
    AntoniosIM, Jan 23, 2023
    #3
  4. MAURO11998IN
    mauro11998in Win User

    Some DCs require GSSAPI for LDAP connetions

    ldaps doesn't work

    Hi all,



    after restoring the C:\ProgramData\Microsoft\Crypto directory, all services work fine except LDAPS.



    The ldp.exe test works fine from the DCs servers but not from a non domain server.

    Also tried with ldapsearch via linux without success.



    LDAP is ok.



    Any advice?

    Thanks
     
    mauro11998in, Jan 23, 2023
    #4
Thema:

Some DCs require GSSAPI for LDAP connetions

Loading...

  1. Some DCs require GSSAPI for LDAP connetions - Similar Threads - DCs require GSSAPI

  2. Some DCs require GSSAPI for LDAP connetions

    in Windows 10 Software and Apps
    Some DCs require GSSAPI for LDAP connetions: I have weird issue that has cropped up. We have 8 writable Domain Controllers and 2 RODCs, all are 2016.We updated all but 3 DCs to block use of TLS1.0/1.1 and bunch of depricated hashes and cyphers etc.After this we have noticed some issues with LDAP queries from some...

  3. ldaps doesn't work

    in Windows 10 Gaming
    ldaps doesn't work: Hi all, after restoring the C:\ProgramData\Microsoft\Crypto directory, all services work fine except LDAPS. The ldp.exe test works fine from the DCs servers but not from a non domain server. Also tried with ldapsearch via linux without success. LDAP is ok. Any advice? Thanks...

  4. ldaps doesn't work

    in Windows 10 Software and Apps
    ldaps doesn't work: Hi all, after restoring the C:\ProgramData\Microsoft\Crypto directory, all services work fine except LDAPS. The ldp.exe test works fine from the DCs servers but not from a non domain server. Also tried with ldapsearch via linux without success. LDAP is ok. Any advice? Thanks...

  5. LDAP issue with powershell

    in Windows 10 Customization
    LDAP issue with powershell: Hello, I have created one PowerShell script to get the Active directory data. In which I used Active Directory Domain Services to get the data. I am using the JSON file to provide the Input. The command is as below "$allGroups = Find-LdapObject -SearchFilter...

  6. connet my iphone

    in Windows 10 Customization
    connet my iphone: i can't find my iphone in microsoft for software update https://answers.microsoft.com/en-us/windows/forum/all/connet-my-iphone/53066083-477f-4123-aa3f-c39b2f5168ac

  7. Remote Desktop Connetion

    in Windows 10 Network and Sharing
    Remote Desktop Connetion: I am trying to connect to a RD2 remote desktop connection on Surface Pro 7Windows 10 Pro and I am unable to. I tried using the Microsoft Remote Desktop app and all I get is that it's connecting, but never actually connects. Through website Chrome, Edge I get an error message...

  8. Changes to LDAP-2020

    in Windows 10 Customization
    Changes to LDAP-2020: Hi, With the changes to LDAP announced in the link below, Will this update completely stop plain LDAP from functioning? https://support.microsoft.com/en-au/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows...

  9. Security update - 2020 LDAP channel binding and LDAP signing requirement for Windows

    in AntiVirus, Firewalls and System Security
    Security update - 2020 LDAP channel binding and LDAP signing requirement for Windows: I have a question related to the security update 2020 LDAP channel binding and LDAP signing requirement for Windows described in https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows Is there a way to configure...

  10. LDAP Client

    in Windows 10 Network and Sharing
    LDAP Client: Hi everybody, whats options I have for connect and login authentification of multilples Windows 10 HOME Edition at my LDAP Server Linux ? Any different options to PGINA software? Best regards...