Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-90285 | VRAU-VI-000195 | SV-100935r1_rule | Medium |
Description |
---|
To assure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished via the use of a user store which is either local (OS-based) or centralized (LDAP) in nature. To ensure support to the enterprise, the authentication must utilize an enterprise solution. |
STIG | Date |
---|---|
VMW vRealize Automation 7.x vIDM Security Technical Implementation Guide | 2018-10-12 |
Check Text ( C-89977r1_chk ) |
---|
Interview the ISSO. Obtain the correct configuration for the site's Directory services. In a browser, log in with Tenant admin privileges and navigate to the Administration page. Select Directories Management >> Directories. Click on the configured Directory to review the configuration. If the Directory service is not configured correctly, this is a finding. |
Fix Text (F-97027r1_fix) |
---|
Interview the ISSO. Obtain the correct configuration for the site's Directory services. In a browser, log in with Tenant admin privileges, and navigate to the Administration page. Select Directories Management >> Directories. Click on the configured Directory to edit the configuration in accordance with the instructions provided by the ISSO. |