Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The vCenter Server must be installed using a service account instead of a built-in Windows account.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| VCENTER-000008 | VCENTER-000008 | VCENTER-000008_rule | Low |
| Description |
|---|
| The Microsoft Windows built-in system account or a user account can be used to run vCenter Server. With a user account, the Windows authentication for SQL Server can be enabled; it also provides more security. The user account must be an administrator on the local machine. In the installation wizard, specify the account name as DomainName\Username. If using SQL Server for the vCenter database, the SQL Server database must be configured to allow the domain account access to SQL Server. |
| STIG | Date |
|---|---|
| VMware vCenter Server Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-VCENTER-000008_chk ) |
|---|
| Verify vCenter Server was installed using a special-purpose user account on the Windows host with a local-only administrator role. This account should have the "Act as part of the operating system" privilege, and write access to the local file system with a local-only administrator role. If the vCenter Server was not installed with a special-purpose, local-only administrator role with the "Act as part of the operating system" privilege, this is a finding. |
| Fix Text (F-VCENTER-000008_fix) |
|---|
| Re-install the vCenter Server with a special-purpose, local-only administrator role with the "Act as part of the operating system" privilege. |