From Sun Ray 4 STIG
Part of Default administrator account is used.
Associated with IA controls: ECCD-2, ECCD-1
The default administrator account, “admin”, does not provide an audit trail of who logged in and the default password may be easily guessed or be publicly known. If system administrators use the “admin” account, this could potentially allow modifications to the Sun Ray system with no user accountability. Also, unauthorized users may gain access to the administration tool and make modifications that disable the Sun Ray system. Therefore, system administrators will have individual user accounts to administer the Sun Ray Server, and the “admin” account will be removed to ensure that audit trails are present.
1. Open a terminal command line on the Sun Ray server. Perform the following: # /opt/SUNWut/sbin/utadminuser admin If the admin user is returned, this is a finding. 2. Then verify that the following /etc/pam.conf file has the following entries: Use the following command to locate them. # cat /etc/pam.conf | grep utadmingui # added to utadmingui by Sun Ray Server Software -- utadmingui utadmingui auth requisite pam_authtok_get.so.1 utadmingui auth required pam_dhkeys.so.1 utadmingui auth required pam_unix_cred.so.1 utadmingui auth required pam_unix_auth.so.1 If the above entries are not in the /etc/pam.conf file, then the alternate username specified to administer the Sun Ray administration tool will not work. If above entries are not in the pam.conf file, this is a finding.
Configure individual usernames to access the Sun Ray administration console.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer