The Microsoft Domain Controller (DC) used to configure LDAP support within InterScan Web Security Suite (IWSS) 3.1 or InterScan Web Security Virtual Appliance (IWSVA) can cause failure of the LDAP server used in authentication. As a result, the DC will not be able to browse the Internet.
You can use this solution entry to enable browsing from the Microsoft Domain Controller that is used to configure LDAP within IWSS or IWSVA.
This issue happens because of a Microsoft limitation.As a workaround, you can do any of the following:
- Add the DC to the LDAP Authentication White List within IWSVA.
- Log on to the IWSS or IWSVA web console.
- Go to Administrator > Network Configuration > Deployment Mode.
- Click the User Authentication tab and then go to the LDAP Authentication White List section to add the Domain Controller.
- Perform the "disable reflection protection" by following this Microsoft article: MS08-068: Vulnerability in SMB could allow remote code execution.