When running the Test Settings function within Foldr Settings, authentication may fail with the following error:

“Your domain requires strong authentication, consider using LDAPS.”

 

This is due to LDAP Signing being required on the Windows Domain Controller (DC) and as a result it rejects the LDAP Simple Bind being sent by Foldr.  There are two solutions to this issue:

1.  Disable the LDAP Signing requirement on the DC
   or
2.  Enable LDAPS on the DC to allow Foldr to connect using LDAP over SSL

To disable LDAP Signing:

1. On the Domain Controller – Click Start > Run > gpedit.msc
2. In the Group Policy Object Editor, select the relevant GPO (usually Default Domain Controllers Policy) >> Right Click >> Edit and navigate to the following section:
   Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options 
3. Select the following entries:

• Domain Controller: LDAP Server signing requirements.
• Network security: LDAP Client signing requirements

4. Set the above as follows:

• Domain controller: LDAP server signing requirements = None (This is the default value)
• Network security: LDAP client signing requirements = Negotiate  (This is the default value)

 

The recommended action in this scenario would be to leave the settings as-is and enable LDAPS on the Domain Controller to allow Foldr to securely authenticate using port 636.  Click here for more information