Microsoft

Operation

Operation

Changes to supporting LDAP channel binding and signing for Windows

LDAP Security: LdapEnforceChannelBinding

When you use LDAP unencrypted or unsigned the problem is that LDAP operations can be manipulated when running in the network.
Microsoft with the Active Directory is using LDAP and until now it was possible to use LDAP in cleartext.

This will change and Microsoft will only allow LDAPS and signed LDAP connections.