<div>
<div class="content wysiwyg-content">
I ran ISS on one of my servers and got the following:<br />
<br />
LDAP NullBase: LDAP null base returns information<br />
If LDAP allows NULL base in an LDAP search, a user can submit a search that returns information on namingContexts and supported controls. &nbsp;An attacker could use this information to access directory listings and plan further attacks.<br />
<br />
Remedy: &nbsp;Set up an access list control to prevent users from dumping the base of the tree or issuing a request without knowing the base object.<br />
<br />
My question is where and how do I do this and will it adversely affect my clients (they are 98 &amp;&nbsp;2000).<br />
<br />
Thanks.<br />
<br />
Please also see my question regarding inverse queries on 2k dns.
</div>
</div>


I ran ISS on one of my servers and got the following:

LDAP NullBase: LDAP null base returns information
If LDAP allows NULL base in an LDAP search, a user can submit a search that returns information on namingContexts and supported controls.  An attacker could use this information to access directory listings and plan further attacks.

Remedy:  Set up an access list control to prevent users from dumping the base of the tree or issuing a request without knowing the base object.

My question is where and how do I do this and will it adversely affect my clients (they are 98 & 2000).

Thanks.

Please also see my question regarding inverse queries on 2k dns.

Setup ACL for LDAP Null Base on Windows 2000

The Windows operating systems have distinct methodologies for designing and implementing networks, and have specific systems to accomplish various networking processes, such as Exchange for email, Sharepoint for shared files and programs, and IIS for delivery of web pages. Microsoft also produces server technologies for networked database use, security and virtualization.