Skip to content
Catalogs
XCCDF
HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide
SRG-OS-000123-GPOS-00064
The storage system must be configured to have only 1 emergency account which can be accessed without LDAP, and which has full administrator capabilities.
The storage system must be configured to have only 1 emergency account which can be accessed without LDAP, and which has full administrator capabilities. An XCCDF Rule
The storage system must be configured to have only 1 emergency account which can be accessed without LDAP, and which has full administrator capabilities.
High Severity
<VulnDiscussion>While LDAP allows the storage system to support stronger authentication and provides additional auditing, it also places a dependency on an external entity in the operational environment. The existence of a single local account with a strong password means that administrators can continue to access the storage system in the event the LDAP system is temporarily unavailable.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>