======2.3.5 Ensure LDAP client is not installed (Scored)======

=====Profile Applicability=====

  * Level 1 - Server
  * Level 1 - Workstation

=====Description=====

The Lightweight Directory Access Protocol (LDAP) was introduced as a replacement for NIS/YP. It is a service that provides a method for looking up information from a central database.

=====Rationale=====

If the system will not need to act as an LDAP client, it is recommended that the software be removed to reduce the potential attack surface.

=====Audit=====

Run the following command to verify ''ldap-utils'' is not installed:

  dpkg -s ldap-utils

=====Remediation=====

Run the following command to uninstall ''ldap-utils'':

  apt-get remove ldap-utils

=====Impact=====

Removing the LDAP client will prevent or inhibit using LDAP for authentication in your environment.
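
The audit step above can be scripted as follows. This is an added example, not part of the benchmark text. It reads the dpkg ''Status'' field through ''dpkg-query'' instead of relying on the exit code of ''dpkg -s'', because ''dpkg -s'' still exits 0 for a package that ''apt-get remove'' has left in the ''config-files'' state. The function names ''classify_status'' and ''audit_package'' are hypothetical, and counting ''config-files'' as a pass is an assumption of this example.

```shell
#!/bin/sh
# Added example: audit helper for the "LDAP client is not installed" check.
# Not part of the benchmark; function names are hypothetical.

# classify_status STATUS
# STATUS is the value of dpkg's Status field, e.g. "install ok installed".
# An empty string means dpkg has no record of the package.
# Prints PASS when the package's files are absent, FAIL otherwise.
classify_status() {
    case "$1" in
        "")                 echo "PASS" ;;  # package unknown to dpkg
        *" not-installed")  echo "PASS" ;;
        *" config-files")   echo "PASS" ;;  # assumption: removed, only conffiles remain
        *" installed")      echo "FAIL" ;;
        *)                  echo "FAIL" ;;  # unpacked, half-installed, etc.: files may be present
    esac
}

# audit_package NAME
# Queries dpkg for NAME, prints a one-line result, returns 0 on PASS.
audit_package() {
    pkg=$1
    # dpkg-query exits non-zero and prints nothing on stdout for unknown packages.
    status=$(dpkg-query -W -f='${Status}' "$pkg" 2>/dev/null) || status=""
    result=$(classify_status "$status")
    echo "$pkg: $result (${status:-no dpkg record})"
    [ "$result" = "PASS" ]
}

# Run the audit only when a package name is given, e.g.:
#   sh audit.sh ldap-utils
if [ "$#" -gt 0 ]; then
    audit_package "$1"
fi
```
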