Impact of Microsoft Security Advisory ADV190023 LDAP Channel Binding And LDAP Signing on Secure Global Desktop
(Doc ID 2629172.1)
Last updated on MAY 06, 2020
Applies to:Oracle Secure Global Desktop - Version 5.4 and later
Information in this document applies to any platform.
Microsoft is planning to release a patch in March 2020 regarding ADV190023.
This advisory provided by Microsoft addresses the issue by recommending a new set of default configurations for LDAP channel binding and LDAP signing on Active Directory Domain Controllers that supersedes the original less secure configuration.
Reading the following advisory links:
suggests LDAPS (TLS), AD+clientcerts (TLS) and AD (Kerberos) service objects in SGD could be affected by these changes.
This document is to explain the impact of this patch on SGD customers who use LDAPS/AD service objects and the test progress.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|Impact In March 2020|
|Impact when the settings are changed|
|Option 1 - Raise the security-level of SGD|
Option 2 - Lower the security-level of AD