Analysis Services Anonymous Connections should be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15184 | DM6086-SQLServer9 | SV-25467r1_rule | IAIA-1 IAIA-2 | Medium |
| Description |
|---|
| Anonymous connections allow unauthenticated access to the database. Although the database may not store sensitive application data, operation and data compromise may occur without accountability where unauthenticated access is allowed. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-06-16 |
Details
| Check Text ( C-13794r1_chk ) |
|---|
| If Analysis Services is not deployed on the local host, this check is Not a Finding. Note: To detect deployment, view Windows Services. If SQL Server Analysis Services ([instance name]) is not listed, then Analysis Services is not installed on this host. From the SQL Server Management Studio GUI: 1. Connect to the Analysis Services instance 2. Right click on the Analysis Services instance 3. Select Properties 4. View the value listed for Security \ RequireClientAuthentication If value = 'false', this is a Finding. The RequireClientAuthentication value may also be viewed in the Analysis Services configuration file, msmdsrv.ini under XML tag: [RequireClientAuthentication] The configuration file may be found in the [install dir] \ MSSQL.[#] \ OLAP \ Config directory. |
| Fix Text (F-14814r1_fix) |
|---|
| Set value for RequireClientAuthentication to 'true' From the SQL Server Management Studio GUI: 1. Connect to the Analysis Services instance 2. Right click on the Analysis Services instance 3. Select Properties 4. View the value listed for Security \ RequireClientAuthentication 5. Select value = 'true' 6. Click OK |