Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The default Builtin\Administrators group must be removed from the SCOM Administrators Role Group.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-237437 | SCOM-IA-000003 | SV-237437r643957_rule | Medium |
| Description |
|---|
| SCOM servers with default well-known operating system groups defined the SCOM Administrators Global Group may allow a local administrator access to privileged SCOM access. |
| STIG | Date |
|---|---|
| Microsoft SCOM Security Technical Implementation Guide | 2021-03-15 |
Details
| Check Text ( C-40656r643955_chk ) |
|---|
| Review the SCOM Administrators Global Group and verify that the Built-in\Administrators Group is not a member. If the Built-in\Administrators group is a member, this is a finding. |
| Fix Text (F-40619r643956_fix) |
|---|
| Remove the Built-in\Administrators group from the SCOM Administrators Role Group. |