5.20 Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled'

Information

In Windows 2003 and older versions of Windows, the Remote Procedure Call (RPC) Locator service manages the RPC name service database. In Windows Vista and newer versions of Windows, this service does not provide any functionality and is present for application compatibility.

The recommended state for this setting is: Disabled.

Rationale:

This is a legacy service that has no value or purpose other than application compatibility for very old software. It should be disabled unless there is a specific old application still in use on the system that requires it.

Impact:

No impact, unless an old, legacy application requires it.

Solution

To establish the recommended configuration via GP, set the following UI path to: Disabled.

Computer Configuration\Policies\Windows Settings\Security Settings\System Services\Remote Procedure Call (RPC) Locator

Default Value:

Manual

See Also

https://workbench.cisecurity.org/benchmarks/14249

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv7|9.2

Plugin: Windows

Control ID: 638ccb5951e6ab9ce307f14e0bec4c5853db0d188a944fcbd404fa1a571d3984