Security issues with LDAP NULL base connections on windows 2008

10-16-2009

Security issues with LDAP NULL base connections on windows 2008

http://www.nessus.org/plugins/index....ingle&id=10722

Solution : extract from above URL

If the remote LDAP server supports a version of the LDAP protocol
before v3, consider whether to disable NULL BASE queries on your LDAP
server.

Does Windows 2008 support LDAP Version 2 or LDAP Version 3 ? How do I go
about disabling it?

10-16-2009

Hello chris,

By default, anonymous LDAP operations, except rootDSE searches and binds,
are not permitted on Windows 2003 domain controllers or higher.

See also here:
http://support.microsoft.com/kb/320528

Search for"Anonymous queries":
http://technet.microsoft.com/en-us/l...8WS.10%29.aspx

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> Security issues with LDAP NULL base connections on windows 2008
>
> http://www.nessus.org/plugins/index....ingle&id=10722
>
> Solution : extract from above URL
>
> If the remote LDAP server supports a version of the LDAP protocol
> before v3, consider whether to disable NULL BASE queries on your LDAP
> server.
>
> Does Windows 2008 support LDAP Version 2 or LDAP Version 3 ? How do I
> go about disabling it?
>

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Null.sys & Windows Away Mode System Issues	MetalPirate	Windows Vista Hardware	0	02-16-2009 09:22 AM
Re: Windows Server 2008 Knowledge Base	Larry Struckmeyer [SBS-MVP]	Windows Small Business Server	1	08-08-2008 01:59 PM
LDAP Null Base	stadala	Active Directory	5	06-18-2008 01:35 AM
LDAP query returns NULL data	Drew	Active Directory	2	12-07-2005 04:04 PM
LDAP Search Base	Ana	Active Directory	2	07-01-2004 03:34 PM