In order to address security vulnerabilities in the default configuration for Lightweight Directory Access Protocol (LDAP), Microsoft is recommending administrators to enable LDAP channel binding and LDAP signing in Active Directory Domain Controllers. (See Microsoft Security Advisory ADV190023.) Microsoft has also communicated that in March 2020, a security update will be released on Windows Update, which will enable these settings by default.
When these hardenings are in place, QPR Suite will be able to establish an LDAP connection to Microsoft Active Directory only if a secure LDAP connection is configured and "Always use secure connection" is selected in the QPR Configuration Manager. In other words, if the hardenings are in place, and the secure LDAP connection is not configured, any QPR user accounts requiring authentication against Active Directory will not be able to log in to QPR. It is recommended that all QPR Suite customers still using unsecured LDAP authentication configure the secure LDAP connection as soon as possible. Instructions for this can be found in the QPR Suite knowledge base at http://kb.qpr.com/qpr2019-1/ldapsettingstab.htm