[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Need to edit in a domain controler local security policy the option Domain Controller: LDAP server signing requierements

Posted on 2013-01-07
Medium Priority
Last Modified: 2013-01-07
Dear Exteperts:

I am working on getting our Cisco Unity system to work with our LDAP and I need to unchecked this option "Domain controller: LDAP server signing requirements" located in the Local Security Policy of our domain controllers. Unfortunately is gray out for me to make a change. I need to know how to go by making this change. Domain-Controller.docx

Thanks for your help!
Question by:marceloNYC
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 10

Accepted Solution

convergint earned 1200 total points
ID: 38751874
It is being controlled through Group Policy.  Open your Group Policy Management Editor and either edit the policy that is being applied to your server or create a new policy to apply to your server.
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 800 total points
ID: 38751900
There must be default domain controllers policy GPO in your GPMC console ...Edit this setting from that GPO and run gpupdate /force /boot

Author Comment

ID: 38751945
I can't make the change it is saying that "The system cannot find the file specified" Failed to saveDomain-Controller.docx
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.


Author Comment

ID: 38751978
The file is there by the way... I am sure it needs some editing
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38751979
Check your DNS settings make sure its pointing to internal Valid DNS only ...No public IP's should be there in TCP/IP of DC

How we should Configuere DNS on our DC :-->

Every DNS server should Point to its own IP as a primary DNS and DNS located in remote site as a secondary DNS in TCP/IP properties
All the unused NIC's to be disabled
Valid DNS Ip from ISP to be configuered in DNS forwarders Do not configuere local DNS in forwarders
Public DNS IP's Should not be used at any NIC Card except Forwarders
Domain Controllers should not be multi-homed
Running VPN server and RRas server makes the DC multihomed refer http://support.microsoft.com/default.aspx?scid=kb;en-us;272294

If anything above is incorrect please correct it and run "ipconfig /flushdns & ipconfig /registerdns " and restart DNS service using "net stop dns & net start dns"

DNS best practices

Checklist: Deploying DNS for Active Directory

DNS Arguments


Author Comment

ID: 38752101
Saranga Tingura, you are saying is a DNS issue why I cannot edit the group policies in Active Directory?
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38752201
Some times due to DNS issue it may happen as I have came across this condition before and the server had Public DNS configured BTW have you cross checked DNS

Author Closing Comment

ID: 38752272
Thank You so much guys! Have a good one!
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38752343
Hope the issue got resolved ..I guess you have created new Group policy ...I would strongly recommend you to Get that error resolved if not

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question