The Windows update coming in March changes how AD is accessed.
LDAP channel binding and LDAP signing are required by default.
Does this change affect PAMSC ?
1. Does PAMSC use any of the following methods to access the AD server?
- SASL LDAP binding (Negotiate, Kerberos, NTLM or Digest) that does not require signing
- clear-text (unencrypted) LDAP binding
2. If PAMSC uses any of the above methods, please explain how to change it.
Release : 14.0
Component : PAM SERVER CONTROL ENDPOINT WINDOWS
By default, the user store on Enterprise Management is configured with LDAP (389).
The customer therefore needs to change the port.
Please change the configuration as described on the following page.
For example: CA Privileged Access Manager Server Control SSL Communication
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager-server-control/14-1/implementing/communication-encryption/ca-privileged-access-manager-server-control-ssl-communication.html
The endpoint component does not use LDAP access, so it is not affected by this change.
All PIM/PAMSC server components have the same issue.