Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-94731 | VCWN-65-000009 | SV-104561r1_rule | Medium |
Description |
---|
The vCenter Server for Windows must ensure users are authenticated with an individual authenticator prior to using a group authenticator. Using Active Directory for authentication provides more robust account management capabilities. |
STIG | Date |
---|---|
VMware vSphere 6.5 vCenter Server for Windows Security Technical Implementation Guide | 2019-12-12 |
Check Text ( C-93921r1_chk ) |
---|
If Active Directory is not used in the environment, this is not applicable. Verify the Windows server hosting vCenter is joined to the domain and access to the server and to vCenter is done using Active Directory accounts. If the vCenter server is not joined to an Active Directory domain, this is a finding. If Active Directory-based accounts are not used for daily operations of the vCenter server, this is a finding. |
Fix Text (F-100849r1_fix) |
---|
If the server hosting vCenter is not joined to the domain follow the OS specific procedures to join it to Active Directory. If local accounts are used for normal operations then Active Directory accounts should be created and used. |