AIX7-00-001104 - If LDAP authentication is required on AIX, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions.

Information

If LDAP authentication is used, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions.

Solution

Configure the LDAP client on AIX to use the SSL.

Edit /etc/security/ldap/ldap.cfg to have the following line:
useSSL:yes

Restart the client daemon:
# secldapclntd.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_IBM_AIX_7-x_V2R5_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-17(2), CAT|II, CCI|CCI-001453, Rule-ID|SV-215214r508663_rule, STIG-ID|AIX7-00-001104, STIG-Legacy|SV-101559, STIG-Legacy|V-91461, Vuln-ID|V-215214

Plugin: Unix

Control ID: ad070241c68ce31efceb05757b75e373c754c8390eb5bc200066c06bef3ed705