The application server must notify appropriate individuals when account disabling actions are taken.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35448	SRG-APP-000293-AS-000177	SV-46735r1_rule		Medium

Description
When application accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual application users or for identifying the application processes themselves. Application servers provide either a local user store or they can integrate with enterprise user stores like LDAP. As such, the authentication method employed by the application server must be able to notify designated individuals when accounts are disabled.

Description

When application accounts are disabled, user accessibility is affected. Accounts are utilized for identifying individual application users or for identifying the application processes themselves. Application servers provide either a local user store or they can integrate with enterprise user stores like LDAP. As such, the authentication method employed by the application server must be able to notify designated individuals when accounts are disabled.

STIG	Date
Application Server Security Requirements Guide	2013-01-08

Details

Check Text ( C-43802r1_chk )
Review AS product documentation and server configuration to determine if the AS is configured to notify staff when accounts are disabled. If the AS is not configured to meet this requirement, this is a finding.

Fix Text (F-39992r1_fix)
Configure the AS to automatically notify appropriate personnel when accounts are disabled.