According to this Microsoft article, Microsoft will release a security update on Windows Update to add options for administrators to harden the configurations for LDAP channel binding on Active Directory domain controllers.
This update will be available in March 2020. Know the impact of this update on Hosted Email Security (HES) and Trend Micro Email Security (TMEMS) if administrators make the hardening changes.
Customers may not have chosen the option Use SSL when connecting to their Active Directory server, as shown below:
In such scenario, they would get an error similar below when they deploy the new patch of Microsoft on LDAP channel binding which would be released on March 2020.
The solution is to enable Use SSL and then update the setting.
To update the setting:
- Double-click the existing entry.
- Tick the Use SSL checkbox.
- Click Update.
Once completed, the Active Directory Sync Tool should work well. This solution applies for HES and TMEMS.
