In March 2020, systems will stop working if:

They are integrated with Active Directory using non-secure LDAP. Domain controller servers do have the latest patches installed. Sysadmins don’t proactively take steps such as the ones we’ve detailed below.

There are numerous existing guides for setting up secure LDAP but none were as thorough, up to date, or user friendly as we’d like for ourselves or our clients so we decided to try to plug the gap by creating this one.

Update 2020/02/12 11:17: According to a couple of Microsoft articles (1, 2), it seems that the decision has been made to push back this default behaviour to “the second half of calendar year 2020”.

Update 2020/03/24 09:41: It seems that Microsoft have decided not to enforce these changes after all. The following is an excerpt from the same Microsoft articles: