{"id":303230,"date":"2024-09-23T00:04:08","date_gmt":"2024-09-22T22:04:08","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=303169"},"modified":"2025-05-31T20:33:22","modified_gmt":"2025-05-31T18:33:22","slug":"active-directory-hardening-erzwingen-der-ldap-kanalbindung","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2024\/09\/23\/active-directory-hardening-erzwingen-der-ldap-kanalbindung\/","title":{"rendered":"Active Directory Hardening: Enforcing LDAP Channel Binding"},"content":{"rendered":"<p><img decoding=\"async\" style=\"margin: 0px 10px 0px 0px; display: inline; float: left;\" title=\"Windows\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Windows-klein.jpg\" alt=\"Windows\" width=\"200\" align=\"left\" \/>A brief addendum on improving Active Directory security. A few days ago, Microsoft published a Techcommunity post in its \"Active Directory Hardening\" series. It covers enforcing LDAP channel binding on Windows. This is intended to prevent relay and MITM attacks against LDAP.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg05.met.vgwort.de\/na\/435f37692892476aa027e6caa8b4a8f0\" alt=\"\" width=\"1\" height=\"1\" \/>I came across the topic back in early September 2024 (see the following tweet). 
Microsoft published the details in the Techcommunity post <a href=\"https:\/\/techcommunity.microsoft.com\/t5\/core-infrastructure-and-security\/active-directory-hardening-series-part-5-enforcing-ldap-channel\/ba-p\/4235497\" target=\"_blank\" rel=\"noopener\">Active Directory Hardening Series &#8211; Part 5 \u2013 Enforcing LDAP Channel Binding<\/a>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/i.postimg.cc\/15ybP0y5\/image.png\" alt=\"Active Directory Hardening: Enforcing LDAP Channel Binding\" width=\"607\" height=\"444\" \/><\/p>\n<p>In the post, Jerry Devore of Microsoft deals with securing LDAP. Part 5 is about LDAP channel binding. Channel binding can be used to prevent relay and MITM attacks against LDAP.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A brief addendum on improving Active Directory security. A few days ago, Microsoft published a Techcommunity post in its \"Active Directory Hardening\" series. It covers enforcing LDAP channel binding on Windows. 
This is intended to prevent relay and MITM attacks against LDAP.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,301,2557],"tags":[4328,3288],"class_list":["post-303230","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-windows","category-windows-server","tag-sicherheit","tag-windows-en"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/303230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=303230"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/303230\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=303230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=303230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=303230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}