The system must limit the use of the built-in SSO administrative account.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-63959 | VCWN-06-000010 | SV-78449r1_rule | Medium |
| Description |
|---|
| Use of the SSO administrator account should be limited as it is a shared account and individual accounts must be used wherever possible. |
| STIG | Date |
|---|---|
| VMware vSphere vCenter Server Version 6 Security Technical Implementation Guide | 2017-07-11 |
Details
| Check Text ( C-64711r1_chk ) |
|---|
| Verify the built-in SSO administrator account is only used for emergencies and situations where it is the only option due to permissions. If the built-in SSO administrator account is used for daily operations or there is no policy restricting its use, this is a finding. |
| Fix Text (F-69889r1_fix) |
|---|
| A policy should be developed to limit the use of the built-in SSO administrator account. |