UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Automation Controller must be configured to use an enterprise user management system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-256905 APAS-AT-000047 SV-256905r903508_rule Medium
Description
Unauthenticated application servers render the organization subject to exploitation. Therefore, application servers must be uniquely identified and authenticated to prevent unauthorized access. Satisfies: SRG-APP-000148-AS-000101, SRG-APP-000149-AS-000102, SRG-APP-000151-AS-000103, SRG-APP-000177-AS-000126, SRG-APP-000389-AS-000253, SRG-APP-000390-AS-000254, SRG-APP-000391-AS-000239, SRG-APP-000392-AS-000240, SRG-APP-000400-AS-000246, SRG-APP-000401-AS-000243, SRG-APP-000402-AS-000247, SRG-APP-000403-AS-000248, SRG-APP-000404-AS-000249, SRG-APP-000405-AS-000250
STIG Date
Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide 2023-08-29

Details

Check Text ( C-60580r902283_chk )
The Administrator must check the Automation Controller web administrator console and verify the appropriate authentication provider is configured and the associated fields are complete and accurate.

Log in to Automation Controller as an administrator and navigate to Settings >> Authentication.

If the organization-defined identity provider is not configured, or any associated fields are incomplete or inaccurate, this is a finding.
Fix Text (F-60522r903507_fix)
Log in to Automation Controller as an administrator and navigate to Settings >> Authentication.

Configure the appropriate authentication provider and associated fields for the organization-defined identity provider:

Click on LDAP settings.

Click "Edit".

Configure/complete the fields.

Click "Save".