Microsoft LDAP Channel Binding

Bernd Eckenfels ecki at
Wed Dec 18 22:28:24 UTC 2019

Here is a related bug for ADFS.


Von: Bernd Eckenfels <ecki at>
Gesendet: Mittwoch, Dezember 18, 2019 4:29 AM
An: security-dev at
Betreff: Microsoft LDAP Channel Binding


Microsoft just released an Security Advisory, announcing that upcoming Windows Server Versions will turn on mandatory TLS Channel Binding (and turn off simple binds with mandatory SASL signing) on LDAP Servers.

They also reminded Administrators to install the KB patch and turn the hardened Settings on.

Do you have experiences with this, will Java (8) work with the setting of "mandatory is supported" (1) and/or "mandatory" (2) for this key, and if not what is the plan here?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the security-dev mailing list