vIDM must be configured correctly for the site enterprise user management system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-240970 | VRAU-VI-000195 | SV-240970r879589_rule | Medium |
| Description |
|---|
| To assure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished via the use of a user store which is either local (OS-based) or centralized (LDAP) in nature. To ensure support to the enterprise, the authentication must utilize an enterprise solution. |
| STIG | Date |
|---|---|
| VMware vRealize Automation 7.x vIDM Security Technical Implementation Guide | 2023-09-12 |
Details
| Check Text ( C-44203r676169_chk ) |
|---|
| Interview the ISSO. Obtain the correct configuration for the site's Directory services. In a browser, log in with Tenant admin privileges and navigate to the Administration page. Select Directories Management >> Directories. Click on the configured Directory to review the configuration. If the Directory service is not configured correctly, this is a finding. |
| Fix Text (F-44162r676170_fix) |
|---|
| Interview the ISSO. Obtain the correct configuration for the site's Directory services. In a browser, log in with Tenant admin privileges, and navigate to the Administration page. Select Directories Management >> Directories. Click on the configured Directory to edit the configuration in accordance with the instructions provided by the ISSO. |