Checklist Summary:

Directory Services Security Checklist provides the procedures for conducting a Security Readiness Review (SRR) to determine compliance with the requirements in the Directory Services Security Technical Implementation Guide (STIG). This Checklist document must be used together with the corresponding version of the STIG document. This Checklist currently addresses three review subjects: - Generic Directory Service - This subject covers checks for an implementation of a generic directory service. - Generic Directory Synchronization Application - This subject covers checks for an implementation of an application used to perform synchronization on two or more directory service implementations. - Active Directory (AD) Implementation - This subject covers checks for AD Domain Controllers, AD Domains, and the AD Forest that make up an implementation of Active Directory. The procedures in this document are part of the effort to ensure that the security configuration guidelines required by Department of Defense (DoD) Directive 8500.1, Information Assurance, and other relevant guidance are properly implemented. In order to minimize repetition, certain procedures in this document reference information in the Windows 2000 Security Checklist and the Windows Server 2003 Security Checklist. Therefore, familiarity with those documents is considered a prerequisite to this checklist.

Checklist Role:

• Active Directory Server

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

• Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

Not provided.

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 11/12/2010