id: ldap-server

info:
  name: Ensure LDAP Server Service is Not Installed
  author: Th3l0newolf
  severity: info
  description: |
    The slapd package provides the OpenLDAP server, which manages directory and identity services. If not explicitly required, having this service installed unnecessarily increases the system’s attack surface.
  remediation: |
    - Run: sudo apt-get remove slapd -y
    - This removes the LDAP server package to reduce the system’s attack surface.
  reference:
    - https://www.cisecurity.org/benchmark/ubuntu_linux
  metadata:
    verified: true
  tags: cis,local,cisecurity,audit,linux,ubuntu

self-contained: true

code:
  - engine:
      - bash
    args:
      - "-c"
      - |
        if dpkg-query -s slapd &>/dev/null; then
          echo "[ldap-server-check:Policy-Fail] [slapd is installed] [CIS_FAIL]"
        else
          echo "[ldap-server-check:Policy-Pass] [slapd is not installed] [CIS_PASS]"
        fi

    matchers:
      - type: word
        name: policy-pass
        words:
          - "Policy-Pass"

      - type: word
        name: policy-fail
        words:
          - "Policy-Fail"
# digest: 490a0046304402207ee6e7e7e9c66d8b9fbe1f829c03f27090298ed7f861d88bc570582c65810e1b022037d531ff744abf9677b2d15b3de6cfd80dc77b99613de661fe80dd7b6d91edc6:922c64590222798bb761d5b6d8e72950