Hi Community,
On March 10th, 2020 Microsoft recommends to move to LDAP channel binding and LDAP signing to avoid replay attacks on the LDAP communication.
After the hardening changes are done, Simple Authentication and Security Layer (SASL) LDAP binds that do not request signing (integrity verification) will be rejected by Active Directory domain controllers.
Sophos UTM supports LDAP authentication over SSL/TLS to avoid man-in-the-middle attacks.
For more information, please refer to the below-mentioned article:
Related information
This thread was automatically locked due to age.