Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-3380 | 3.074 | SV-32468r1_rule | Medium |
Description |
---|
This setting controls whether or not users are forced to log off when their allowed logon hours expire. If logon hours are set for users, then this should be enforced. |
STIG | Date |
---|---|
Windows Server 2008 R2 Member Server Security Technical Implementation Guide | 2016-06-08 |
Check Text ( C-32786r1_chk ) |
---|
Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for “Network security: Force logoff when logon hours expire” is not set to “Enabled”, then this is a finding. This setting does not have a corresponding registry update. |
Fix Text (F-28862r1_fix) |
---|
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “Network security: Force logoff when logon hours expire” to “Enabled”. |