Sophos UTM: Decommissioning of obsolete URL categorization services CFFS. Click here for important info.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Latest KB's] Configure AD/LDAP authentication over SSL/TLS due to Microsoft's new recommendation

Hi Community,

On March 10th 2020 Microsoft recommends to move to LDAP channel binding and LDAP signing to avoid replay attacks on the LDAP communication.

After the hardening changes are done, Simple Authentication and Security Layer (SASL) LDAP binds that do not request signing (integrity verification) will be rejected by Active Directory domain controllers.

Sophos Email Appliance supports LDAP authentication over SSL/TLS to avoid man-in-the-middle attacks.

Please refer to the below article for more information:

This thread was automatically locked due to age.