Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
No dedicated VirtualCenter administrator created within the Windows Administrator Group on the Windows Server for managing the VirtualCenter environment.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15870 | ESX0710 | SV-16811r1_rule | ECCD-1 ECCD-2 | Medium |
| Description |
|---|
| By default, the local administrator or domain administrator is allowed to log on to VirtualCenter. These administrators are allowed since VirtualCenter requires a user with local administrator privileges to run. To limit the local administrative access, a dedicated VirtualCenter account will be created. This VirtualCenter account is an ordinary user that is a member of the local administrators group. This configuration avoids automatically giving administrative access to domain administrators, who typically belong to the local administrators group. This also provides a way of getting into VirtualCenter when the domain controller is down, because the local VirtualCenter administrator account does not require remote authentication. |
| STIG | Date |
|---|---|
| VMware ESX 3 Virtual Center | 2016-05-03 |
Details
| Check Text ( C-16227r1_chk ) |
|---|
| 1. On the VirtualCenter Server, go to Start>Administrative Tools>Computer Management>Local Users and Groups>Groups 2. Open the Administrators group. 3. Verify that a VirtualCenter administrator is listed. Work with the system administrator to identify the user. If no VirtualCenter administrator is listed, this is a finding. |
| Fix Text (F-15830r1_fix) |
|---|
| Create a VirtualCenter administrator user in the Windows Administrator Group. |