Impact of Microsoft Security Advisory ADV190023 LDAP Channel Binding And LDAP Signing on Secure Global Desktop
(Doc ID 2629172.1)
Last updated on MARCH 14, 2024
Applies to:
Oracle Secure Global Desktop - Version 5.4 and laterInformation in this document applies to any platform.
Goal
Microsoft is planning to release a patch in March 2020 regarding ADV190023.
This advisory provided by Microsoft addresses the issue by recommending a new set of default configurations for LDAP channel binding and LDAP signing on Active Directory Domain Controllers that supersedes the original less secure configuration.
Reading the following advisory links:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023
https://support.microsoft.com/en-us/help/4520412/2020-ldap-channel-binding-and-ldap-signing-requirement-for-windows
suggests LDAPS (TLS), AD+clientcerts (TLS) and AD (Kerberos) service objects in SGD could be affected by these changes.
This document is to explain the impact of this patch on SGD customers who use LDAPS/AD service objects and the test progress.
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| Impact In March 2020 |
| Impact when the settings are changed |
| Actions Required |
| Option 1 - Raise the security-level of SGD |
Option 2 - Lower the security-level of AD |
| References |