is planning to enable LDAP channel binding and LDAP signing requirements
(LDAPS) by default through a patch on Active Directory servers in the second
half of 2020.
After installing the patch, it will no longer be possible to communicate with
the Active Directory via Simple Bind Port TCP 389 to prevent passwords from
being transmitted in clear text. Communication will then only take place
encrypted via PortTCP 636 SSL.
Please also read: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023.
For security reasons, AEB recommends all customers who operate an AEB Engine in their own data center and who use a configured LDAP connection within this AEB product to use the time now and chnge LDAP access to LDAPS (TCP 636 SSL).