Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-243079 | VCTR-67-000009 | SV-243079r719480_rule | | Medium |
Description |
---|
The vCenter Server must ensure users are authenticated with an individual authenticator prior to using a group authenticator. Using Active Directory for authentication provides more robust account management capabilities. |
STIG | Date |
---|---|
VMware vSphere 6.7 vCenter Security Technical Implementation Guide | 2021-04-16 |
Check Text (C-46354r719478_chk) |
---|
From the vSphere Web Client, go to Administration >> Single Sign-On >> Configuration. Click the "Identity Sources" tab. If there is no identity source of type "Active Directory" (either Windows Integrated Authentication or LDAP), this is a finding. |
Fix Text (F-46311r719479_fix) |
---|
From the vSphere Web Client, go to Administration >> Single Sign-On >> Configuration. Click "Add identity source". Select either "Active Directory over LDAP" or "Active Directory (Windows Integrated Authentication)" and configure appropriately. Note: Windows Integrated Authentication requires that the vCenter Server be joined to AD before configuration via Administration >> Single Sign-On >> Configuration >> Active Directory Domain. |