Hi All
I would like to ask a question about Unsigned LDAP: how can one explain it as simply as possible, you know.
If you can't explain it simply, you don't understand it well enough.
So my assumption was that, like with certificates, when the DC replies to an LDAP query it signs the LDAP reply with its private key, then the client could check the CRL, having the RootCA chain, see that the reply is valid and authentic, and decrypt it with the DC public key (SSL handshake).
I have a lot of Linux boxes that trigger Unsigned events (I know it could be a false positive, but still). My assumption was that if I installed the RootCA cert on them I would resolve the issue, but it seems that Kerberos itself is signed (with what? the krbtgt password?). Also, what exactly does Unsigned LDAP mean? That the client sending the query could not be checked for authenticity?? I could read the MS documentation, but no clear explanation is given IMHO.
So one thing that I am sure of is that I don't know how it is working =) Thanks for any feedback.