[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Define Activation Security Check exemptions

ID: oval:org.secpod.oval:def:19398Date: (C)2014-05-29   (M)2023-07-14
Class: COMPLIANCEFamily: windows




The Define Activation Security Check exemptions machine setting should be configured correctly. Allows you to view and change a list of DCOM server application ids (appids) which are exempted from the DCOM Activation security check. DCOM uses two such lists, one configured via Group Policy through this policy setting, and the other via the actions of local computer administrators. DCOM ignores the second list when this policy setting is configured, unless the "Allow local activation security check exemptions" policy is enabled. DCOM server appids added to this policy must be listed in curly-brace format. For example: {b5dcb061-cefb-42e0-a1be-e6a6438133fe}. If you enter a non-existent or improperly formatted appid DCOM will add it to the list without checking for errors. If you enable this policy setting, you can view and change the list of DCOM activation security check exemptions defined by Group Policy settings. If you add an appid to this list and set its value to 1, DCOM will not enforce the Activation security check for that DCOM server. If you add an appid to this list and set its value to 0 DCOM will always enforce the Activation security check for that DCOM server regardless of local settings. If you disable this policy setting, the appid exemption list defined by Group Policy is deleted, and the one defined by local computer administrators is used. If you do not configure this policy setting, the appid exemption list defined by local computer administrators is used. Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Distributed COM\Application Compatibility Settings\Define Activation Security Check exemptions (2) KEY: HKLM\Software\Policies\Microsoft\Windows NT\DCOM\AppCompat\ListBox_Support_ActivationSecurityCheckExemptionList

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11718-4
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11718-4
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies