Skip to main content

NetApp wins prestigious Coveo Relevance Pinnacle Award. Learn more!

INSIGHT Japan :2023年 1月25日(水)ANAインターコンチネンタルホテル開催 へ参加・申込を行う

NetApp Knowledge Base

What impact will Microsoft ADV190023 have on SANtricity OS?

Last Updated:

Applies to

  • SANtricity
  • LDAP
  • Microsoft Security Advisory: ADV190023


Microsoft Security Advisory ADV190023 changes the behavior of two registry keys:

  1. Recommendation to set LDAP Server Signing Requirements to a registry setting of 2:
Group Policy Setting Registry Setting
Off 0
None 1 (default)
Require Signing 2


  • Setting LDAP Server Signing Requirements to Require Signing may impact existing LDAP client configurations utilizing active-directory domain controllers.
  • Set this to None (registry setting of 1) or Off (registry setting of 0) to prevent an impact to SANtricity OS.
    • Note: Events 2886 and 2887 may be observed.
  • Set this to Require Signing (registry setting of 2) only if using LDAPS or TLS.
    • Note: Events 2888 and 2889 indicate LDAP is rejecting the SANtricity's LDAP client.
  1. Recommendation to set LDAP Enforce Channel Binding to a registry setting of 1:
Group Policy Setting Registry Setting
Never 0
When Supported 1
Always 2
  • Affects LDAP over TLS or LDAPS.
  • Should have no impact on SANtricity's LDAP client.
    • Note: Setting this option in the registry to Always (registry setting of 2) will prevent SANtricity's LDAP client from authenticating.

Additional Information



Scan to view the article on your device