Effective December 3, NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources.
For accounts that did not pre-register (prior to Dec 3), access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

ONTAP Discussions

BUG - LdapEnforceChannelBinding

DONBARTON1

We are being directed by our Organization to implement LdapEnforceChannelBinding, specifically, Channel Binding Token (CBT) to 2 as a registry key.

 

I've opened a case and was told that this is not supported as mentioned in the KB/BURT.  There is a roadmap to maybe be supported in 9.10? 

 

My question is, is anyone else dealing with this, and what did you do to resolve it?  Or, are we unique? 🙂

 

Note: Our current plan is to switch to a Windows File server and present storage from OnTap.

 

Any inputs would be greatly appreciate.  Thanks!

 

KB

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Microsoft_Security_Advisory%3A_ADV190023_impact_on_NetApp_appliance_ru...

 

BURT

https://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=1136213

 

MS Adv

https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV190023

 

 

2 REPLIES 2

paul_stejskal

If you have a case open, ask if they can backport it if you really need it. Talk to your account team to help prioritize it too.

DONBARTON1

Thank you for the reply.  I was wondering if there was anyone out there in the same boat and what their course of action was.  I found another thread with the same message I was told in my case. 

 

"Our Engineering Team is working closely with Microsoft and has provided an update last week that the fix for RFE 1136213: Implement channel binding tokens for LDAP with StartTLS is tentatively scheduled for ONTAP 9.10. As paul_stejskal mentioned, please work with your Account Team if you need this fixed earlier."

 

https://community.netapp.com/t5/ONTAP-Discussions/LDAP-connection-failures-when-channel-binding-is-enforced-by-the-Windows-LDAP/td-p/161187

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public