The vCenter Server must limit membership to the "TrustedAdmins" Single Sign-On (SSO) group.
An XCCDF Rule
Description
<VulnDiscussion>The vSphere "TrustedAdmins" group grants additional rights to administer the vSphere Trust Authority feature. To force accountability and nonrepudiation, the SSO group "TrustedAdmins" must be severely restricted.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-256371r885724_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.
Click the next page arrow until the "TrustedAdmins" group appears.
Click "TrustedAdmins".