[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Network security: LDAP client signing requirements

ID: oval:org.secpod.oval:def:23024Date: (C)2015-01-07   (M)2017-10-31
Class: COMPLIANCEFamily: windows




This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests, as follows: - None. The LDAP BIND request is issued with the caller-specified options. - Negotiate signing. If Transport Layer Security/Secure Sockets Layer (TLS/SSL) has not been started, the LDAP BIND request is initiated with the LDAP data signing option set in addition to the caller-specified options. If TLS/SSL has been started, the LDAP BIND request is initiated with the caller-specified options. - Require signature. This level is the same as Negotiate signing. However, if the LDAP server?s intermediate saslBindInProgress response does not indicate that LDAP traffic signing is required, the caller is told that the LDAP BIND command request failed. Note: This policy setting does not have any impact on ldap_simple_bind or ldap_simple_bind_s. No Microsoft LDAP clients that are included with Windows XP Professional use ldap_simple_bind or ldap_simple_bind_s to communicate with a domain controller. The possible values for the Network security: LDAP client signing requirements setting are: - None - Negotiate signing - Require signature - Not Defined This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Network security: LDAP client signing requirements (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LDAP!LDAPClientIntegrity

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-36858-9
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-36858-9
XCCDF    6
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_general_Windows_2012_R2
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2012_R2
xccdf_org.secpod_benchmark_PCI_Windows_2012_R2
...

© 2013 SecPod Technologies