Configuring LDAP channel binding
LDAP channel binding provides enhanced security for network communications between an Active Directory and its clients. It provides a more secure LDAP authentication over SSL and TLS. Starting with Version 22.214.171.124, Control Room supports LDAP channel binding in order to comply with the security release from Microsoft.
By default, channel binding is disabled. You can enable channel binding when required.
- Go to the Control Room installation path.
- From the list of files in the config folder, open the um.properties file with an XML editor such as Notepad++.
Define the um.ldap.channel.binding.enabled property in the
For example, um.ldap.channel.binding.enabled=falseThe default value is
falseand channel binding is disabled.
Change the value to
trueto enable channel binding.Channel binding will be enabled if it is enabled on the server side.
To learn how to enable the channel binding on the server side, see: LDAP enforce channel binding registry entry.
- Save the file.