[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Ignore Delegation Failure

ID: oval:org.secpod.oval:def:18851Date: (C)2014-05-29   (M)2023-07-14
Class: COMPLIANCEFamily: windows




The Ignore Delegation Failure machine setting should be configured correctly. Directs the RPC Runtime to ignore delegation failures if delegation was asked for. Windows Server 2003 family includes a new delegation model - constrained delegation. In this model the security system does not report that delegation was enabled on a security context when a client connects to a server. Callers of RPC and COM are encouraged to use the RPC_C_QOS_CAPABILITIES_IGNORE_DELEGATE_FAILURE flag, but some applications written for the traditional delegation model may not use this flag and will encounter RPC_S_SEC_PKG_ERROR when connecting to a server that uses constrained delegation. If you disable this setting, do not configure it or set it to "Off", the RPC Runtime will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation. If you configure this setting to "On", the RPC Runtime will accept security contexts that do not support delegation as well as security contexts that do support delegation. Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Remote Procedure Call\Ignore Delegation Failure (2) KEY: HKLM\Software\Policies\Microsoft\Windows NT\Rpc\IgnoreDelegationFailure

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-10660-9
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-10660-9
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies