AAA Services must be configured to prevent automatically removing emergency accounts.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-80823	SRG-APP-000234-AAA-000060	SV-95533r1_rule		Medium

Description
Emergency accounts are administrator accounts that are established in response to crisis situations where the need for rapid account activation is required. Therefore, emergency account activation may bypass normal account authorization processes. If these accounts are automatically disabled, system maintenance during emergencies may not be possible, thus adversely affecting system availability. Emergency accounts are different from infrequently used accounts (i.e., local logon accounts used by system administrators when network or normal logon/access is not available). Infrequently used accounts also remain available and are not subject to automatic termination dates. However, an emergency account is normally a different account that is created for use by vendors or system maintainers, that is removed once the crisis has passed. When AAA Services do not perform account management, the connected Active Directory must provide this setting

Description

Emergency accounts are administrator accounts that are established in response to crisis situations where the need for rapid account activation is required. Therefore, emergency account activation may bypass normal account authorization processes. If these accounts are automatically disabled, system maintenance during emergencies may not be possible, thus adversely affecting system availability. Emergency accounts are different from infrequently used accounts (i.e., local logon accounts used by system administrators when network or normal logon/access is not available). Infrequently used accounts also remain available and are not subject to automatic termination dates. However, an emergency account is normally a different account that is created for use by vendors or system maintainers, that is removed once the crisis has passed. When AAA Services do not perform account management, the connected Active Directory must provide this setting

STIG	Date
Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide	2019-12-12

Details

Check Text ( C-80559r3_chk )
If AAA Services rely on directory services for user account management, this is not applicable and the connected directory services must perform this function. Verify AAA Services are configured to not automatically remove emergency accounts. Emergency accounts must not have automatic termination set. If AAA Services are configured to automatically remove emergency accounts, this is a finding.

Fix Text (F-87677r3_fix)
Configure AAA Services to not automatically remove emergency accounts. Emergency accounts must not have automatic termination set.