Secure LDAP does not work using the FQDN of the domain for GCs?

I have been running into this issue a couple of times. You have a forest with multiple domains and you cannot use LDAPs if you are using the FQDN of the domain in your LDAP connection string to connect to a global catalog. Here is a simple scenario: (Note that this is also valid when…

Track down LDAPs clients on a domain controller

You probably wonder why that could be a big deal. Usually clients not doing LDAPs are the ones we worry about (for security reasons, simple binds over LDAP aren't your best friends). Yet I have been facing situations where we need to identify who is doing LDAPs. Here is the scenario I have been seeing a couple of times:…
