LDAP channel binding and LDAP signing

  • Question

  • Hi -

    I'm looking for any official guidance on the effects of LDAP channel binding and LDAP signing for SharePoint 2010.

    In other words, when the change is made to domain controllers via MS Patches, will it affect our SP 2010 application?

    Asking for our client. Since MS paused it in March, what is the best course of action with SP 2010 in mind?

    Thanks

    Friday, June 5, 2020 10:21 PM

Answers

  • SharePoint uses LDAP (and the GC:// protocol) for People Picker and User Profile purposes. Shouldn't be any impact on these settings since channel binding requires Negotiate (not Basic) and works with non-SSL connections (People Picker does not implement the use of LDAPS).

    Trevor Seward

    Office Apps and Services MVP



    Author, Deploying SharePoint 2019

    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, June 5, 2020 11:07 PM

All replies

  • Well, the question is probably best answered by asking whether SharePoint uses LDAP *at all*. Does it, in your case? Windows authentication (NTLM and/or Kerberos) is not LDAP and will not be affected.

    Having said that, enable auditing and search the event logs as per official guidance for events originating from your SharePoint (*if* it uses LDAP at all, that is). My understanding is that you shouldn't be affected but I'm not by any means a SharePoint expert.


    Evgenij Smirnov

    http://evgenij.smirnov.de

    Friday, June 5, 2020 10:27 PM
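
The audit step suggested in the reply above, as an added example that is not part of the original thread: run on a domain controller, it raises LDAP interface logging and lists unsigned binds (event 2889) coming from the SharePoint servers. It covers the signing side only; `$SharePointIPs` and its addresses are constructed placeholders to replace with the farm's own.

```powershell
# Added example (not from the thread). Run elevated on a domain controller.
# $SharePointIPs is a hypothetical list; the addresses are constructed samples.
$SharePointIPs = @('10.0.0.21', '10.0.0.22')

# Level 2 makes the DC log one event 2889 per unsigned SASL bind or
# clear-text simple bind. At the default level only the 24-hour
# summary event 2887 is written, which does not name the client.
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics' `
    -Name '16 LDAP Interface Events' -Value 2 -Type DWord

# Meaning of the third insertion string of event 2889.
$bindType = @{
    '0' = 'Simple bind without SSL/TLS'
    '1' = 'SASL bind without signing'
}

# Let the farm run through a normal cycle (People Picker lookups,
# profile sync) before querying, then pull the last day of events.
$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Directory Service'
    Id        = 2889
    StartTime = (Get-Date).AddDays(-1)
} -ErrorAction SilentlyContinue

$events | ForEach-Object {
    # Properties[0] is "ip:port" (IPv6 as "[addr]:port"); strip the port.
    $endpoint = [string]$_.Properties[0].Value
    [pscustomobject]@{
        ClientIP = ($endpoint -replace ':\d+$', '').Trim('[', ']')
        Account  = [string]$_.Properties[1].Value
        BindType = $bindType[[string]$_.Properties[2].Value]
    }
} | Where-Object { $SharePointIPs -contains $_.ClientIP } |
    Group-Object ClientIP, Account, BindType |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

No rows for the SharePoint addresses after a representative period means those servers made no unsigned binds to this DC; repeat on each DC the farm can reach, and set the logging value back to 0 when done.
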
  • Thanks, I was leaning in the same direction. I believe they use NTLM for WFE logins.

    I guess I'm more worried about other ancillary aspects since AD and SP are so intertwined, but yes, I will enable events per the KB.

    I was more hoping for official guidance for SharePoint admins on the topic which I can't find. But if the information is generic and there are no specific SP issues, I guess I'm good to go.

    Friday, June 5, 2020 10:39 PM
  • Hi Hola,

    If you find any reply helpful to you, please remember to mark it as answer.

    Thank you for your understanding.

    Best regards,

    Julie


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    SharePoint Server 2019 has been released, you can click here to download it.
    Click here to learn new features. Visit the dedicated forum to share, explore and talk to experts about SharePoint Server 2019.

    Thursday, June 11, 2020 9:42 AM
  • Hi Hola,

    I'm checking in on how things are going with this issue. Did the post help you?

    You can mark the post as answer if it helps.

    Thank you for your understanding and support.

    Best regards,

    Julie



    Tuesday, June 16, 2020 1:27 AM