STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018: STIGQter: STIG Summary: IBM WebSphere Traditional V9.x Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 23 Aug 2018:SV-95945r1_rule
V-81231
SRG-APP-000340-AS-000185
WBSP-AS-000240
CAT II
10
In the LDAP server admin console, assign WebSphere users to the appropriate WebSphere group.
If a file based or local federated repository is in use, this requirement is NA.
Review System Security Plan documentation.
Interview the system administrator.
In the administrative console select Security >> Global Security.
Under "User Account Repository", verify the "Available realm Definition" is set to "Standalone LDAP registry".
Select "Configure".
The properties of the LDAP repository are displayed for purposes of identifying the LDAP server.
Work with the admin of LDAP repository.
Identify users and groups.
Validate members of groups are authorized.
If the group members have not been authorized by the ISSO/ISSM, this is a finding.
V-81231
False
WBSP-AS-000240
If a file based or local federated repository is in use, this requirement is NA.
Review System Security Plan documentation.
Interview the system administrator.
In the administrative console select Security >> Global Security.
Under "User Account Repository", verify the "Available realm Definition" is set to "Standalone LDAP registry".
Select "Configure".
The properties of the LDAP repository are displayed for purposes of identifying the LDAP server.
Work with the admin of LDAP repository.
Identify users and groups.
Validate members of groups are authorized.
If the group members have not been authorized by the ISSO/ISSM, this is a finding.
M
3399