Automation Controller must utilize encryption when using LDAP for authentication.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-256907 | APAS-AT-000055 | SV-256907r903514_rule | Medium |
| Description |
|---|
| To avoid access with malicious intent, passwords will need to be protected at all times. This includes transmission where passwords must be encrypted for security. |
| STIG | Date |
|---|---|
| Red Hat Ansible Automation Controller Application Server Security Technical Implementation Guide | 2023-08-29 |
Details
| Check Text ( C-60582r902289_chk ) |
|---|
| Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings. If an LDAP server is configured but the "LDAP SERVER URI" field does not start with "ldaps://", this is a finding. |
| Fix Text (F-60524r903514_fix) |
|---|
| Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings. Click "Edit". Modify the "LDAP SERVER URI" field so that it begins with "ldaps://". Click "Save". |