Skip to content

The Tanium Application Server must be configured to only use LDAP for account management functions.

An XCCDF Rule

Description

<VulnDiscussion>Enterprise environments make application account management challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other error. To reduce risk, the Tanium application must be configured to allow for LDAP to provide account management functions that immediately enforce the organization's current account policy.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-253816r842476_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Vendor documentation can be downloaded from https://docs.tanium.com/platform_user/platform_user/console_using_ldap.html?Highlight=LDAP.
 
1. Using a web browser on a system that has connectivity to the Tanium application, access the Tanium application web UI and log on with multifactor authentication. 

2. Click "Administration" on the top navigation banner.