[cifs-protocol] 120022021002221 MS-ADTS | Optional LDAP channel-binding in Windows
obaidf at microsoft.com
Sat Feb 29 00:50:17 UTC 2020
The clients that support channel binding will include a channel binding regardless. The ones that are patched will include a proper channel binding and once that are not patched will include a channel binding of zeros.
The clients that do not have channel binding capability will not include channel binding at all.
I am looking into as to where to document this and will update you
Please let me know if this does not answers your question.
Escalation Engineer | Microsoft
From: Tom Jebo <tomjebo at microsoft.com>
Sent: Thursday, February 20, 2020 4:19 PM
To: Isaac Boukris <iboukris at gmail.com>; Stefan Metzmacher <metze at samba.org>; Simo Sorce <simo at redhat.com>; cifs-protocol at lists.samba.org
Cc: support <support at mail.support.microsoft.com>
Subject: RE: 120022021002221 MS-ADTS | Optional LDAP channel-binding in Windows
[dochelp to bcc]
[support to cc]
Thank you for you question about LDAP channel-binding. One of the Open Specifications team members will respond to begin assisting you with this question. In the meantime, I've created case 120022021002221 to track and added the case number to the subject of this email. Please leave the case number in the subject and refer to it when communicating about this issue with us.
Sr Escalation Engineer
Microsoft Open Specifications
From: Isaac Boukris <iboukris at gmail.com>
Sent: Thursday, February 20, 2020 12:11 PM
To: Interoperability Documentation Help <dochelp at microsoft.com>; Stefan Metzmacher <metze at samba.org>; Simo Sorce <simo at redhat.com>; cifs-protocol at lists.samba.org
Subject: [EXTERNAL] MS-ADTS | Optional LDAP channel-binding in Windows
Another question on channel-binding in LDAP, per:
The documentation says that when LdapEnforceChannelBindings=1 only client that supports channel-bindings are required to provide it. Can you please document how does this work? How the server knows the client version to apply this logic?
More information about the cifs-protocol