[Forgot Password]
Login  Register Subscribe

24003

 
 

131425

 
 

103942

 
 

909

 
 

84057

 
 

133

Paid content will be excluded from the download.


Download | Alert*
OVAL

Network security: LDAP client signing requirements

ID: oval:org.secpod.oval:def:8751Date: (C)2013-01-21   (M)2018-03-28
Class: COMPLIANCEFamily: windows




The Network security: LDAP client signing requirements setting should be configured correctly. This policy setting determines the level of data signing that is requested on behalf of clients that issue LDAP BIND requests, as follows: * None. The LDAP BIND request is issued with the caller-specified options. * Negotiate signing. If Transport Layer Security/Secure Sockets Layer (TLS/SSL) has not been started, the LDAP BIND request is initiated with the LDAP data signing option set in addition to the caller-specified options. If TLS/SSL has been started, the LDAP BIND request is initiated with the caller-specified options. * Require signature. This level is the same as Negotiate signing. However, if the LDAP servers intermediate saslBindInProgress response does not indicate that LDAP traffic signing is required, the caller is told that the LDAP BIND command request failed. Note: This policy setting does not have any impact on ldap_simple_bind or ldap_simple_bind_s. No Microsoft LDAP clients that are included with Windows XP Professional use ldap_simple_bind or ldap_simple_bind_s to communicate with a domain controller. The possible values for the Network security: LDAP client signing requirements setting are: * None * Negotiate signing * Require signature * Not Defined Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network security: LDAP client signing requirements (2) KEY: HKLM\SYSTEM\CurrentControlSet\Services\LDAP\LDAPClientIntegrity

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-10614-6
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-10614-6
XCCDF    4
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_Server_2008_R2
xccdf_org.secpod_benchmark_PCI_3_2_Windows_Server_2008_R2
...

© 2013 SecPod Technologies