[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Domain controller: LDAP server signing requirements

ID: oval:org.secpod.oval:def:29689Date: (C)2015-10-14   (M)2023-07-14
Class: COMPLIANCEFamily: windows




This security setting determines whether the LDAP server requires signing to be negotiated with LDAP clients, as follows: None: Data signing is not required in order to bind with the server. If the client requests data signing, the server supports it. Require signature: Unless TLS\SSL is being used, the LDAP data signing option must be negotiated. Default: This policy is not defined, which has the same effect as None. Caution If you set the server to Require Signature, you must also set the client. Not setting the client results in loss of connection with the server. Notes This setting does not have any impact on LDAP simple bind or LDAP simple bind through SSL. No Microsoft LDAP clients that are shipped with Windows XP Professional use LDAP simple bind or LDAP simple bind through SSL to talk to a domain controller. If signing is required, then LDAP simple bind and LDAP simple bind through SSL requests are rejected. No Microsoft LDAP clients running Windows XP Professional or the Windows Server 2003 family use LDAP simple bind or LDAP simple bind through SSL to bind to directory service. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options!Domain controller: LDAP server signing requirements (2) REG: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters!ldapserverintegrity

Platform:
Microsoft Windows 8.1
Reference:
CCE-35063-7
CPE    1
cpe:/o:microsoft:windows_8.1
CCE    1
CCE-35063-7
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_8_1

© SecPod Technologies