Microsoft intends to release a security update to add options for administrators to harden the configurations for LDAP channel binding on Active Directory domain controllers. This update is set to be available in March 2020. If administrators make the hardening changes, Microsoft Active Directory server will reject LDAP simple binds.
Mobile Security for Enterprise customers using None as Encryption Type will be affected by this change. Customers should change the Active Directory Settings to LDAP over SSL or LDAP startTLS before applying the Microsoft security update.
Trend Micro strongly advises administrators to enable LDAP channel binding and LDAP signing, and switch Mobile Security for Enterprise Active Directory settings to LDAP over SSL or LDAP startTLS between now and March 2020 to prepare for this coming Microsoft update. If any compatibility issues are found, administrators will need to contact Trend Micro for support.
