AD experts out there, you will be able to shed light on LDAP channel binding, LDAP signing, and Kerberos authentication. I have been reading the link below and states that the March 2020 update will enable LDAP signing on the Active Directory server by default. My understanding is that any device which use LDAP is going to be broken,
We have windows 2012 AD domain controllers and Windows 10 PCs, All the PC are part of the AD in this case they use Kerberos authentication so we do not need to worry about LDAP signing unless we use any non-AD device for LDAP query then we have to make sure that they use SSL/TLS, am I connect?
My next question,
Where and when do this LDAP channel binding and LDAP signing come into account in AD?