[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Domain Controller Address Type Returned

ID: oval:org.secpod.oval:def:19449Date: (C)2014-05-29   (M)2023-07-04
Class: COMPLIANCEFamily: windows




The Domain Controller Address Type Returned machine setting should be configured correctly. The Domain Controller (DC) Locator APIs return IP address of the DC with the other part of the information. Before the support of IPv6, the returned DC IP address was IPv4. But with the support of IPv6, the DC Locator APIs can return IPv6 DC address. The returned IPv6 DC address may not be correctly handled by some of the existing applications. So this policy is provided to support such scenarios. By default, DC Locator APIs can return IPv4/IPv6 DC address. But if some applications are broken due to the returned IPv6 DC address, this policy can be used to disable the default behavior and enforce to return ONLY IPv4 DC address. Once applications are fixed, this policy can be used to enable the default behavior. If you enable this policy setting, DC Locator APIs can return IPv4/IPv6 DC address. This is the default behavior of the DC Locator. If you disable this policy setting, DC Locator APIs will ONLY return IPv4 DC address if any. So if the domain controller supports both IPv4 and IPv6 addresses, DC Locator APIs will return IPv4 address. But if the domain controller supports only IPv6 address, then DC Locator APIs will fail. If you do not configure this policy setting, DC Locator APIs can return IPv4/IPv6 DC address. This is the default behavior of the DC Locator. Fix: (1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records\Domain Controller Address Type Returned (2) KEY: HKLM\Software\Policies\Microsoft\Netlogon\Parameters\AddressTypeReturned

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11849-7
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11849-7
XCCDF    1
xccdf_org.secpod_benchmark_general_Windows_Server_2008_R2

© SecPod Technologies