UCF STIG Viewer Logo

vIDM must be configured correctly for the site enterprise user management system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-90285 VRAU-VI-000195 SV-100935r1_rule Medium
Description
To assure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished via the use of a user store which is either local (OS-based) or centralized (LDAP) in nature. To ensure support to the enterprise, the authentication must utilize an enterprise solution.
STIG Date
VMW vRealize Automation 7.x vIDM Security Technical Implementation Guide 2018-10-12

Details

Check Text ( C-89977r1_chk )
Interview the ISSO. Obtain the correct configuration for the site's Directory services.

In a browser, log in with Tenant admin privileges and navigate to the Administration page.

Select Directories Management >> Directories.

Click on the configured Directory to review the configuration.

If the Directory service is not configured correctly, this is a finding.
Fix Text (F-97027r1_fix)
Interview the ISSO. Obtain the correct configuration for the site's Directory services.

In a browser, log in with Tenant admin privileges, and navigate to the Administration page.

Select Directories Management >> Directories.

Click on the configured Directory to edit the configuration in accordance with the instructions provided by the ISSO.