FIX: Login into Awingu not possible after Microsoft patches (March 2020)

Microsoft will by default only allow LDAPS connections to the Active Directory after patches in March 2020. If your Awingu domain is configured to go over LDAP, this will break logon for all users directly after the patches.

Following error will be shown in Awingu:

To resolve this issue, you’ll have to prepare your Active Directory to allow LDAPS connections from Awingu. Make sure that port 636 is open between Awingu and the Active Directory.

Install the following role on you Active Directory: Server Manager -> Manage -> Add roles and features -> role-based or feature based installation -> Active Directory Certificate Services. Only the Certification Authority needs to be installed (no reboot required).

After installation, You will receive a popup to configure the Certificate services:

Select the Certificate Authority role:

– Select Enterprise CA
– Select Root CA
– Select “Create new private key” and leave everything default
– Finally, click on “configure”

Reboot the Active Directory server

In Awingu, Go to the domain configuration and select LDAPS as the authentication method:

After this, a user should be able to login over LDAPS.