Automation Controller must utilize encryption when using LDAP for authentication.

An XCCDF Rule

Details
Profiles
Prose

Description

<VulnDiscussion>To avoid access with malicious intent, passwords will need to be protected at all times. This includes transmission where passwords must be encrypted for security.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-256907r961029_rule
Severity: Medium
References: CCI-000197
Updated: 19 days ago

Log in to Automation Controller as an administrator and navigate to Settings >> Authentication >> LDAP settings.

Click "Edit".

Modify the "LDAP SERVER URI" field so that it begins with "ldaps://".
Click "Save".

Automation Controller must utilize encryption when using LDAP for authentication.

Description

Remediation - Manual Procedure