id: ldap-server

info:
  name: Ensure LDAP Server Service is Not Installed
  author: Th3l0newolf
  severity: info
  description: |
    The slapd package provides the OpenLDAP server, which manages directory and identity services. If not explicitly required, having this service installed unnecessarily increases the system’s attack surface.
  remediation: |
    - Run: sudo apt-get remove slapd -y
    - This removes the LDAP server package to reduce the system’s attack surface.
  reference:
    - https://www.cisecurity.org/benchmark/ubuntu_linux
  metadata:
    verified: true
  tags: cis,cisecurity,audit,linux,ubuntu

self-contained: true

code:
  - engine:
      - bash
    args:
      - "-c"
      - |
        if dpkg-query -s slapd &>/dev/null; then
          echo "[ldap-server-check:Policy-Fail] [slapd is installed] [CIS_FAIL]"
        else
          echo "[ldap-server-check:Policy-Pass] [slapd is not installed] [CIS_PASS]"
        fi

    matchers:
      - type: word
        name: policy-pass
        words:
          - "Policy-Pass"

      - type: word
        name: policy-fail
        words:
          - "Policy-Fail"
# digest: 490a004630440220122e74bbeb14a7f14348cdb93d4bc91898942ebeaa6a6d6fcbc1fcf8e7bb2967022024b8a1ceedb0355d5ce74a15265b821b76289248f485859e9118b9e32a46c215:922c64590222798bb761d5b6d8e72950