The openldap-servers package must not be installed unless required.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-38627	RHEL-06-000256	SV-50428r1_rule		Low

Description
Unnecessary packages should not be installed to decrease the attack surface of the system.

STIG	Date
Red Hat Enterprise Linux 6 Security Technical Implementation Guide	2014-06-10

Details

Check Text ( None )
None

Fix Text (F-43577r1_fix)
The "openldap-servers" package should be removed if not in use. Is this machine the OpenLDAP server? If not, remove the package. # yum erase openldap-servers The openldap-servers RPM is not installed by default on RHEL6 machines. It is needed only by the OpenLDAP server, not by the clients which use LDAP for authentication. If the system is not intended for use as an LDAP Server it should be removed.

Fix Text (F-43577r1_fix)

The "openldap-servers" package should be removed if not in use. Is this machine the OpenLDAP server? If not, remove the package.

# yum erase openldap-servers

The openldap-servers RPM is not installed by default on RHEL6 machines. It is needed only by the OpenLDAP server, not by the clients which use LDAP for authentication. If the system is not intended for use as an LDAP Server it should be removed.