Educause Security Discussion mailing list archives
Re: REN-ISAC Advisory: Microsoft LDAP Changes
From: Michael Davis <mdavis () REN-ISAC NET>
Date: Fri, 7 Feb 2020 12:06:16 -0600
Nice catch, Scott, thanks! While the preparation guidance is still applicable, Scott points out the added benefit of extra breathing room. We've updated our advisory to reflect Microsoft's new projected timeline of "the second half of calendar year 2020" for these changes. The latest advisory is available at https://www.ren-isac.net/public-resources/alerts/LDAP%20Signing%20Advisory.h tml Happy Friday, Michael From: Scott Norton <dsnorton () uw edu> Sent: Thursday, February 6, 2020 8:27 AM To: mdavis () REN-ISAC NET; SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] REN-ISAC Advisory: Microsoft LDAP Changes Microsoft has announced a change to this and are punting the default change. https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023 The now planned update should help folks get the job done by adding new auditing. _____ From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU <mailto:SECURITY () LISTSERV EDUCAUSE EDU> > on behalf of Michael Davis <mdavis () REN-ISAC NET <mailto:mdavis () REN-ISAC NET> > Sent: Thursday, February 6, 2020 6:06:56 AM To: SECURITY () LISTSERV EDUCAUSE EDU <mailto:SECURITY () LISTSERV EDUCAUSE EDU> <SECURITY () LISTSERV EDUCAUSE EDU <mailto:SECURITY () LISTSERV EDUCAUSE EDU> > Subject: [SECURITY] REN-ISAC Advisory: Microsoft LDAP Changes Greetings, The REN-ISAC has issued the attached advisory to call attention to the upcoming changes in default LDAP binding / signing configurations that Microsoft plans to roll out next month. This change may disrupt clients that rely on the historic default LDAP behavior. See attached advisory for recommended actions and further information. On behalf of the REN-ISAC team, Michael Davis Lead Security Engineer REN-ISAC ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- REN-ISAC Advisory: Microsoft LDAP Changes Michael Davis (Feb 06)
- Re: REN-ISAC Advisory: Microsoft LDAP Changes Scott Norton (Feb 06)
- Re: REN-ISAC Advisory: Microsoft LDAP Changes Michael Davis (Feb 07)
- Re: REN-ISAC Advisory: Microsoft LDAP Changes Scott Norton (Feb 06)