View Only
  • 1.  unsigned ldap requests from vCenter

    Posted Feb 20, 2020 01:18 PM

    Hi @all,

    I already found some threads about the Microsoft changes from ldap to ldaps but they did not yet help me.

    Our vCenter is joined to our AD. At the identity sources I have configured the root domain of the forest with "Active Directory (Integrated Windows Authentication)".

    When I now look at the ldap logs of the AD Domain Controller I see that the machine account of the vCenter makes unsigned connections.

    On my test vCenter I setup an ldaps connection instead of the "Active Directory (Integrated Windows Authentication)" but there is the same behavior.

    How can I change them to signed ones?

    Regards Wolfgang

  • 2.  RE: unsigned ldap requests from vCenter
    Best Answer

    Posted Feb 20, 2020 01:41 PM


    Have you seen these official press releases from VMware and Microsoft?


    VMware vSphere & Microsoft LDAP Channel Binding & Signing (ADV190023) - VMware vSphere Blog


    However, there is still time because the change will be active in the second half of 2020

    "A further future monthly update, anticipated for release the second half of calendar year 2020, will enable LDAP signing and channel binding on domain controllers configured with default values for those settings."



    vCenter LDAP binding and signing


  • 3.  RE: unsigned ldap requests from vCenter

    Posted Feb 21, 2020 12:25 PM

    Hi AlessandroRomeo68,

    thanks for your replay. When I understood it right our config should not be affected:

    Thanks and best regards


  • 4.  RE: unsigned ldap requests from vCenter

    Posted Feb 21, 2020 12:30 PM

    Great! from the image I see is correct.


  • 5.  RE: unsigned ldap requests from vCenter

    Posted Mar 23, 2020 02:34 PM


    I am also using Windows Integrated Authentication. But I still see plain text unsigned bind requests. Which makes me not believe VMware's article.

    Any thoughts?