I've been getting this error since we upgraded the domain controllers to server 2008. After enabling the detailed logging I get event ID 2887 about every 3 minutes from my Mac computers:
The following client performed a SASL (Negotiate/Kerberos/NTLM/Digest) LDAP bind without requesting signing (integrity verification), or performed a simple bind over a cleartext (non-SSL/TLS-encrypted) LDAP connection.
Client IP address:
207.157.74.96:49660
Identity the client attempted to authenticate as:
NSSTC-UAH\christymac$
We've tried forcing them to digitally sign their LDAP requests but that didn't seem to work. Googling the event ID's doesn't give much help either. Any thoughts?
Bookmarks