Check: PHTN-67-000066
VMware vSphere 6.7 Photon OS STIG: PHTN-67-000066 (in versions v1 r6 through v1 r1)
Title
The Photon operating system must prohibit the use of cached authenticators after one day. (Cat II impact)
Discussion
If cached authentication information is out of date, the validity of the authentication information may be questionable.
Check Content
At the command line, execute the following command:

    # /opt/likewise/bin/lwregshell list_values "HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory" | grep "CacheEntryExpiry"

If the value returned is not 14400 or less, this is a finding.
Fix Text
At the command line, execute the following command:

    # /opt/likewise/bin/lwregshell set_value "[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]" CacheEntryExpiry 14400
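
The check above can be scripted so that a missing or unparseable value counts as a finding instead of passing silently. This is an added example, not part of the STIG text; the function names and the assumed layout of the `lwregshell list_values` output line (decimal value in parentheses) are assumptions.

```shell
#!/bin/sh
# Added example: scripted evaluation of PHTN-67-000066.
LWREGSHELL=/opt/likewise/bin/lwregshell
KEY='HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory'
LIMIT=14400   # maximum CacheEntryExpiry accepted by the check text

# Constructed sample line; this layout is an assumption about lwregshell output.
SAMPLE='+  "CacheEntryExpiry"    REG_DWORD    0x00003840 (14400)'

# parse_expiry: read list_values output on stdin, print the decimal value
# found in parentheses on the CacheEntryExpiry line (prints nothing if absent).
parse_expiry() {
    awk '/"CacheEntryExpiry"/ {
        if (match($0, /\([0-9]+\)/)) {
            print substr($0, RSTART + 1, RLENGTH - 2)
            exit
        }
    }'
}

# evaluate: print "compliant" or "finding" for one parsed value.
# A missing or non-numeric value is a finding: compliance cannot be shown.
evaluate() {
    case "$1" in
        ''|*[!0-9]*) echo "finding"; return 1 ;;
    esac
    if [ "$1" -le "$LIMIT" ]; then
        echo "compliant"
    else
        echo "finding"; return 1
    fi
}

# check_output: full pipeline, lwregshell output on stdin -> verdict.
check_output() { evaluate "$(parse_expiry)"; }

# Run against the live registry only where the Likewise tooling is present.
if [ -x "$LWREGSHELL" ]; then
    "$LWREGSHELL" list_values "$KEY" | check_output
fi
```

The script exits non-zero on a finding, so it can gate a compliance job directly.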
Additional Identifiers
Rule ID: SV-239137r856055_rule
Vulnerability ID: V-239137
Group Title: SRG-OS-000383-GPOS-00166
CCIs
Number | Definition |
---|---|
CCI-002007 | The information system prohibits the use of cached authenticators after an organization-defined time period. |
Controls
Number | Title |
---|---|
IA-5 (13) | Expiration Of Cached Authenticators |