5.23 (L1) Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled'

Information

In Windows 2003 and older versions of Windows, the Remote Procedure Call (RPC) Locator service manages the RPC name service database. In Windows Vista or newer versions of Windows, this service does not provide any functionality and is present for application compatibility.

The recommended state for this setting is: Disabled

This is a legacy service that has no value or purpose other than application compatibility for very old software. It should be disabled unless there is a specific old application still in use on the system that requires it.

Solution

To establish the recommended configuration via GP, set the following UI path to: Disabled

Computer Configuration\Policies\Windows Settings\Security Settings\System Services\Remote Procedure Call (RPC) Locator

Impact:

No impact, unless an old, legacy application requires it.

See Also

https://workbench.cisecurity.org/benchmarks/16515

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7, CSCv7|9.2

Plugin: Windows

Control ID: 8a20f320e68d4d52afbb5089716fe7d069c79d1326f47b25b2db715dff047ae9