Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Self-registration is permitted for users.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-16064 | SUN0050 | SV-17051r1_rule | ECSC-1 | High |
| Description |
|---|
| Sun Ray Desktop Unit users are not registered centrally for users by the system administrator. With self-registration, the system administrator does not assign registered tokens to the authorized users. This poses a security risk since users may be able to register themselves in the Sun Ray administration database. If an unauthorized user obtains access to a Sun Ray Desktop unit, then that user may be able to start a session without any intervention from the system administrator. |
| STIG | Date |
|---|---|
| Sun Ray 4 STIG | 2015-04-02 |
Details
| Check Text ( C-17107r1_chk ) |
|---|
| Within the Sun Ray Administration console, perform the following: 1. Select the Advanced Tab. 2. Select the System Policy Tab. 3. Verify the Non-Card Users Access has “Self Registration Allowed” not checked. 4. If Access is set to "Self-Registration Allowed", this is a finding. |
| Fix Text (F-16169r1_fix) |
|---|
| Disable Self-Registration for all users. NIPRNET - Within the Sun Ray Administration console, perform the following: 1. Select the Advanced Tab. 2. Select the System Policy Tab. 3. Uncheck the Card Users Access for “Self Registration Allowed”. SIPRNET - Within the Sun Ray Administration console, perform the following: 1. Select the Advanced Tab. 2. Select the System Policy Tab. 3. Uncheck the Non-Card Users Access for “Self Registration Allowed”. |