event id 3041 on Domain Controllers

abraham flores 271 Reputation points
2022-08-29T18:17:40.733+00:00

Hi I have a couple of Windows Server 2019 Domain Controllers where the 3041 event ID is showing: ![235770-image.png][1] I found this vulnerability, but to me is not totally clear, I will try to explain it (https://support.microsoft.com/en-us/topic/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows-kb4520412-ef185fb8-00f7-167d-744c-f299a66fc00a#bkmk_table2): - The article recommends to install the March, 2020 updates on the Domain Controllers, but I cannot get them, I tried to download them from this web site: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2017-8563 - What should I do on Windows clients machines? - Registry settings such as LDAPServerIntegrity and LdapEnforceChannelBinding, are they need to be modified? Thank you in advance. [1]: /api/attachments/235770-image.png?platform=QnA

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
4,078 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,962 questions
0 comments No comments
{count} vote

Accepted answer
  1. Anonymous
    2022-08-29T18:49:42.017+00:00

    The article recommends to install the March, 2020 updates on the Domain Controllers, but I cannot get them

    That one is long ago superseded. If you patch them with the latest cumulative update then it should be covered (included).

    --please don't forget to upvote and Accept as answer if the reply is helpful--


1 additional answer

Sort by: Most helpful
  1. abraham flores 271 Reputation points
    2022-09-07T21:59:30.613+00:00

    Yesterday I installed a 2208 cumulative update (KB5016690) on one DC, after the reboot, there were some warnings in the event viewer: 6038 - LsaSrv, 2886 – ActiveDirectory_DomainService, and 3041 LDAP Interface, today just the event ID 3041 showed.

    I looked it up on internet, and for the event ID 2886, there is a policy setting that people recommend: “Computer Configuration>Policies>Windows Settings>Security Settings>Local Policies>Security Options.

    Right-click on Domain Controller: LDAP Server Signing Requirements and select properties.

    Check off Define this Policy Setting.

    Select Require Signing in the drop-down box"

    I am not totally sure if this going to help because this were mainly applied on Windows Server 2008 operating system, there is nothing about Windows Server 2019. I am also not sure why the event ID 3041 is still showing. Is there any other recommendation?

    Regards,
    Abraham.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.