Implementing CVE-2017-8563 - LdapEnforceChannelBinding

  • 120 Views
  • Last Post 23 January 2019
ZJORZ posted this 21 January 2019

Hi, Anyone have any experiences/stories regarding the implementation of CVE-2017-8563 (LdapEnforceChannelBinding), especially with older/legacy Windows clients, but also with NON-Windows clients? Thanks Met Vriendelijke Groeten / Cumprimentos / Kind Regards,Jorge de Almeida Pinto MVP Enterprise Mobility And Security | MCP/MCSE/MCITP/exMCTMVP Profile | Blog | Facebook | Twitter Description: Description: Description: Description: Think Green 

Order By: Standard | Newest | Votes
Ravi.Sabharanjak posted this 21 January 2019

We implemented this. So far, issues with Citrix netscalar and polycom, with no support yet, routing these to 2 DCs that don't have the feature enabled.
Some issues with older php / Java that were handled by an upgrade.
-Ravi

show

ZJORZ posted this 22 January 2019

Hi Ravi, The issues you are mentioning, were those caused with value 1 or 2 of the reg setting? Met Vriendelijke Groeten / Cumprimentos / Kind Regards,Jorge de Almeida Pinto MVP Enterprise Mobility And Security | MCP/MCSE/MCITP/exMCTMVP Profile | Blog | Facebook | Twitter Description: Description: Description: Description: Think Green 

show

Ravi.Sabharanjak posted this 23 January 2019

Hi Jorge,
The issue showed up with both settings, the optimistic as well as the enforcement setting.
-Ravi

show

Close