Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The system must be integrated into a directory services infrastructure.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-58481 | AOSX-09-002060 | SV-72911r1_rule | Medium |
| Description |
|---|
| Distinct user account databases on each separate system cause problems with username and password policy enforcement. Most approved directory services infrastructure solutions, such as Active Directory, allow centralized management of users and passwords. |
| STIG | Date |
|---|---|
| Apple OS X 10.9 (Mavericks) Workstation Security Technical Implementation Guide | 2017-01-05 |
Details
| Check Text ( C-59331r1_chk ) |
|---|
| To determine if the system is integrated to a directory server, ask the SA or ISSO or run the following command: sudo dscl localhost -list . | grep -vE '(Contact | Search | Local)' If nothing is returned, or if the system is not integrated into a directory service infrastructure, this is a finding. |
| Fix Text (F-63819r1_fix) |
|---|
| Integrate the system into an existing directory services infrastructure, such as Active Directory. |