To make sure that the attacker doesnt use a forged LDAP client to change server configuration and data, it is essential to enabling LDAP signing. It is equally important to enable it on the client machines. The last section helps you to figure out clients that do not have Require signing enabled on the computer. It is a useful tool for IT admins to isolate those computers, and enable the security settings on the computers. The first and foremost thing to do is take a backup of your...

Read the full article at The Windows Club