[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Network security: LDAP client signing requirements

ID: oval:org.secpod.oval:def:23024Date: (C)2015-01-07   (M)2023-07-31
Class: COMPLIANCEFamily: windows




This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests, as follows: - None. The LDAP BIND request is issued with the caller-specified options. - Negotiate signing. If Transport Layer Security/Secure Sockets Layer (TLS/SSL) has not been started, the LDAP BIND request is initiated with the LDAP data signing option set in addition to the caller-specified options. If TLS/SSL has been started, the LDAP BIND request is initiated with the caller-specified options. - Require signature. This level is the same as Negotiate signing. However, if the LDAP server?s intermediate saslBindInProgress response does not indicate that LDAP traffic signing is required, the caller is told that the LDAP BIND command request failed. Note: This policy setting does not have any impact on ldap_simple_bind or ldap_simple_bind_s. No Microsoft LDAP clients that are included with Windows XP Professional use ldap_simple_bind or ldap_simple_bind_s to communicate with a domain controller. The possible values for the Network security: LDAP client signing requirements setting are: - None - Negotiate signing - Require signature - Not Defined This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Network security: LDAP client signing requirements (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LDAP!LDAPClientIntegrity

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-36858-9
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-36858-9
XCCDF    7
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2012_R2
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_2012_R2
xccdf_org.secpod_benchmark_PCI_Windows_2012_R2
xccdf_org.secpod_benchmark_ISO27001_Windows_2012_R2
...

© SecPod Technologies