https://live.paloaltonetworks.com/t5/general-topics/ldap/m-p/616303#M121942 <P>We plan to enable channel binding for LDAP on our domain controllers.&nbsp; Since the firewalls use LDAP for querying AD information from the domain controllers, do we need to make any configurations to the firewalls to be compatible?</P> Thu, 07 Nov 2024 04:53:45 GMT AGWilliams 2024-11-07T04:53:45Z https://live.paloaltonetworks.com/t5/general-topics/ldap/m-p/616303#M121942 <P>We plan to enable channel binding for LDAP on our domain controllers.&nbsp; Since the firewalls use LDAP for querying AD information from the domain controllers, do we need to make any configurations to the firewalls to be compatible?</P> Thu, 07 Nov 2024 04:53:45 GMT https://live.paloaltonetworks.com/t5/general-topics/ldap/m-p/616303#M121942 AGWilliams 2024-11-07T04:53:45Z https://live.paloaltonetworks.com/t5/general-topics/ldap/m-p/616384#M121953 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/231949">@AGWilliams</a>,</P> <P>Can't say that I've ran into an environment that has had this functionality enabled, either because the firewall supports it without issue and nothing was needed or they just don't have it enabled. Server 2019 and Server 2022 does have the ability to setup audit events to identify clients that don't support channel binding tokens, so I would just ensure that you enable it for <STRONG>When Supported </STRONG>and audit those events to verify before mandating it on the controllers. </P> Fri, 08 Nov 2024 01:21:39 GMT https://live.paloaltonetworks.com/t5/general-topics/ldap/m-p/616384#M121953 BPry 2024-11-08T01:21:39Z