Prevent Null Bind Connections in EEM


Article ID: 366835


Updated On:


CA Service Management - Service Desk Manager


Security scans show that the EEM server is allowing null binds.

Plugin 10723 - LDAP Server NULL Bind Connection Information Disclosure - port 509

(The remote LDAP server allows anonymous access.

"The LDAP server on the remote host is currently configured such that a user can connect to it without authentication - via a 'NULL BIND' - and query it for information.  

Although the queries that are allowed are likely to be fairly restricted, this may result in disclosure of information that an attacker could find useful.

This plugin does not identify servers that use LDAP v3 since anonymous access -- a 'NULL BIND' -- is required by that version of the protocol."

Configure the service to disallow NULL BINDs.)


EEM 12.6.4


Check the following files, which are in these default locations:

C:\Program Files\CA\Directory\dxserver\config\ssld\itechpoz.dxc

C:\Program Files\CA\Directory\dxserver\config\ssld\default.dxc

C:\Program Files\CA\Directory\dxserver\config\knowledge\itechpoz.dxc

Check these files to see where the cipher list is implemented.

Example (Default):

#  cipher = "ALL:!EXPORT40:!ADH:!SSLv2:!EXP:!LOW" # default ciphers - syntax on OpenSSL website

Add the following to the cipher list:


Also check for the following line:

auth-levels  = anonymous, clear-password

By default this is in \config\knowledge\itechpoz.dxc

Remove anonymous from the auth-levels setting; null binds should then be disabled.
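
One way to audit a .dxc file for the auth-levels setting described above and produce the corrected line. This is an added example, not code from the original article or from CA/Broadcom. The function names are hypothetical, the sample text is constructed, and it assumes the setting sits on one line with '#' starting a comment, as in the lines quoted in the article.

```python
import re

# One active setting per line, as quoted in the article:
#   auth-levels  = anonymous, clear-password
# Assumption: '#' starts a comment (the article's cipher line is commented this way).
AUTH_RE = re.compile(r"^(\s*auth-levels\s*=\s*)([^#]*?)(\s*(?:#.*)?)$", re.IGNORECASE)

# Constructed sample: one commented-out setting and one active setting.
SAMPLE = (
    '#  cipher = "ALL:!EXPORT40:!ADH:!SSLv2:!EXP:!LOW" # default ciphers\n'
    "# auth-levels = anonymous\n"
    "auth-levels  = anonymous, clear-password\n"
)


def _levels(match):
    """Split the comma-separated value list of a matched auth-levels line."""
    return [v.strip() for v in match.group(2).split(",") if v.strip()]


def audit_dxc(text):
    """Return (line_number, levels) for each active line that allows anonymous."""
    findings = []
    for n, line in enumerate(text.splitlines(), start=1):
        m = AUTH_RE.match(line)
        if m and any(v.lower() == "anonymous" for v in _levels(m)):
            findings.append((n, _levels(m)))
    return findings


def remove_anonymous(text):
    """Return text with 'anonymous' dropped from every active auth-levels list."""
    out = []
    for line in text.splitlines():
        m = AUTH_RE.match(line)
        if m:
            kept = [v for v in _levels(m) if v.lower() != "anonymous"]
            # If 'anonymous' is the only level, leave the line for manual review
            # rather than writing an empty setting.
            if kept and kept != _levels(m):
                line = m.group(1) + ", ".join(kept) + m.group(3)
        out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for n, levels in audit_dxc(SAMPLE):
        print(f"line {n}: auth-levels allows anonymous ({', '.join(levels)})")
    print(remove_anonymous(SAMPLE), end="")
```

To check a real file, read its text and pass it to audit_dxc; back up the file before writing the output of remove_anonymous over it.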