ZCM 2017 and Windows Server 2019 Updates User source ERROR
Hello everyone. New updates came out for Windows Server 2019, and were just applied to my master domain controller yesterday. All Secure 3 party LDAP clients seem to be able to connect still, however, the updates for AD LDAP SSL seem, to have affected ZCM 2017, I can no longer make a secure user source connection from my ZCM 2017 servers to my Windows Server 2019 SSL AD servers. On reboot, none of my ZCM server can connect to Windows Server 2019 Secure LDAP, however other third party client, even after reboot, CAN, so this issue seem to be affecting just ZCM SSL connections right now. As an exmaple, on a full Reboot Google GCDS can still do a secure SSL connect to my AD LDAP. Has anyone else seen this, and or found a solution.
You did not actually detail what you are referring to, so I will have to guess...
Specifically, a new GPO setting was added - "Domain controller: LDAP server channel binding token requirements"
A related setting already existed: "Domain controller: LDAP server signing requirements"
I have verified that my ZCM 17.4.1 Appliance and ZCM 2020 Appliance both worked with any combination of: "1 and 1", "1 and 2", "2 and 1" and "2 and 2" for those settings.
"Domain controller: LDAP server signing requirements" never seemed to have no impact regardless of SSL/ClearText settings
"Domain controller: LDAP server channel binding token requirements" broke Non-SSL but worked fine with SSL.
What version of ZCM? What specific settings/changes did you make? Yesterday's patches have no impact unless you made additional configuration changes.
Was ZCM configured to use SSL Prior to yesterday?
Please give a hearty thumbs up to any post you find helpful!
To find articles by Craig Wilson simply follow the link: Craig Wilson's Tips!