pfsense - LDAP to Windows 2025 without CA
To be able to hook up pfsense to Windows 2025 default AD you need to add a Group Policy to override the defaults in windows 2025 server
| Domain Controller Policy ===Computer Configuration ======Policies =========Windows Settings ============Security Settings ===============Local Policies ==================Security Options =====================Domain controller: LDAP server channel binding token requirements: "When Supported" =====================Domain controller: LDAP server signing requirements: "None" =====================Domain controller: LDAP server Enforce signing requirements: "Disabled" =====================Network security: LDAP client encryption requirements: "Negotiate Sealing" =====================Network security: LDAP client signing requirements: "Negotiate Signing" |
Taken from here