Title

DocAve must provide automated mechanisms for supporting account management functions. (Cat II impact)

Discussion

Remote access (e.g., Remote Desktop Protocol [RDP]) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, nonorganization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless.

Check Content

DocAve supports integration with Active Directory (AD) for automated account management. Check the DocAve configuration to ensure AD Integration is enabled. - Log on to DocAve with admin account. - On the Control Panel page, in the Authentication Manager section, click "Authentication Manager". - Navigate to AD Integration. - Verify that the AD Integration option is enabled. If the AD Integration option is not enabled, this is a finding.

Fix Text

Configure the DocAve configuration to ensure AD Integration is enabled. - Log on to DocAve with admin account. - On the Control Panel page, in the Authentication Manager section, click "Authentication Manager". - Navigate to AD Integration. - Set the Action of AD Integration to Enable. - Save settings. Add AD user or group to DocAve by Account Manager, realize automated mechanisms through AD account management functions.

Additional Identifiers

Rule ID: SV-253513r836514_rule

Vulnerability ID: V-253513

Group Title: SRG-APP-000023

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.