STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to IBM AIX 7.x Security Technical Implementation Guide

V-215214

CAT II (Medium)

If LDAP authentication is required on AIX, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions.

Rule ID

SV-215214r991554_rule

STIG

IBM AIX 7.x Security Technical Implementation Guide

Version

V3R2

CCIs

CCI-001453

Discussion

If LDAP authentication is used, SSL must be used between LDAP clients and the LDAP servers to protect the integrity of remote access sessions.

Check Content

Run the following command to check if ldap_auth is used:

# grep -iE "^authtype:[[:blank:]]*ldap_auth" /etc/security/ldap/ldap.cfg

If the command has no output, this is Not Applicable.

Run the following command to check if SSL is used:

# grep -iE "^useSSL:[[:blank:]]*yes" /etc/security/ldap/ldap.cfg
useSSL:yes

If the command has no output, this is a finding.

Fix Text

Configure the LDAP client on AIX to use the SSL.

Edit /etc/security/ldap/ldap.cfg to have the following line:
useSSL:yes

Restart the client daemon:
# secldapclntd.