Skip to content

If LDAP authentication is required on AIX, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions.

An XCCDF Rule

Description

<VulnDiscussion>If LDAP authentication is used, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-215214r991554_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Configure the LDAP client on AIX to use the SSL.

Edit /etc/security/ldap/ldap.cfg to have the following line:
useSSL:yes

Restart the client daemon: