Hello,
Microsoft released this bulletin where apparently, starting from March 20 and then postponed to the 2nd half of 2020, some Windows Updates will enforce the usage of LDAPS instead of the LDAP protocol, which is unsafe.
A PcVue 11.1 customer asked me if this can impact PcVue Active Directory behaviour.
I made some tests by creating 2 VMs:
- A domain controller Windows Server 2019 where I enabled LDAPS and forced it via GPO using these guides and this GPO:
https://pdhewaju.com.np/2016/04/08/installation-and-configuration-of-active-directory-certificate-services/
https://pdhewaju.com.np/2017/03/02/configuring-secure-ldap-connection-server-2016/
- A client machine with Windows 10 and PcVue 11.1 (I tested this version only for the moment) under that domain
And it seems to work OK as usual, but I'm wondering if any of you has different feedback.
Thank you!
Hi Filippo,
Thank you for these tests, but 11.1 is not supposed to work on W10!!
Anyway, do you have some time to do the same test with 12.0?
Nico
Hello!
I repeated my tests using PcVue 12 Update 14 under Windows 10 & LDAPS.
It works OK.
According to what I discovered here: https://social.technet.microsoft.com/Forums/azure/en-US/406bdeb4-3a52-422e-84c3-bf9444fc1751/how-to-disable-ldap-and-force-ldaps?forum=winserverDS, it's not supported to block TCP/UDP port 389 (plain LDAP) while keeping only 636 (LDAPS). Both services must stay available; it's a domain policy that enforces that clients use LDAPS.


