Event ID 2888

During the previous 24 hour period, some clients attempted to perform LDAP binds that were either: (1) A SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP bind that did not request signing (integrity validation), or (2) A LDAP simple bind that was performed on a cleartext (non-SSL/TLS-encrypted) connection This directory server is configured to reject such binds. This is the recommended configuration setting, and significantly enhances the security of this server. For more details, please see http://go.microsoft.com/fwlink/?LinkID=87923. Summary information on the number of such binds received within the past 24 hours is below. You can enable additional logging to log an event each time a client makes such a bind, including information on which client made the bind. To do so, please raise the setting for the “LDAP Interface Events” event logging category to level 2 or higher. Number of simple binds rejected because they were performed without SSL/TLS: “Value” Number of Negotiate/Kerberos/NTLM/Digest binds rejected because they were performed without signing:”Value”

Resolution:

http://technet.microsoft.com/en-us/library/dd941863%28WS.10%29.aspx