STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 22 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to AvePoint Fly Server Security Technical Implementation Guide

V-283938

CAT I (High)

Fly Server must have no local accounts for the user interface.

Rule ID

SV-283938r1223357_rule

STIG

AvePoint Fly Server Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000766CCI-000015CCI-000016CCI-000044CCI-000764CCI-004045CCI-004046CCI-001941CCI-003627CCI-000185CCI-000186CCI-000187CCI-000206CCI-000804CCI-000884CCI-002145CCI-002238CCI-002038CCI-001953CCI-001954CCI-001958CCI-001967CCI-002007CCI-004068CCI-002009CCI-002010CCI-004083CCI-004085CCI-001632CCI-002470CCI-003628CCI-003629CCI-003747CCI-004047CCI-004058CCI-004059CCI-004060CCI-004061CCI-004062CCI-004063CCI-004064CCI-004065CCI-004066CCI-004192CCI-004901CCI-004902

Discussion

To ensure accountability and prevent unauthenticated access, nonprivileged users must utilize multifactor authentication to prevent potential misuse and compromise of the system. Multifactor authentication uses two or more factors to achieve authentication. Factors include: (i) Something you know (e.g., password/PIN); (ii) Something you have (e.g., cryptographic identification device, token); or (iii) Something you are (e.g., biometric). A nonprivileged account is any information system account with authorizations of a nonprivileged user. Network access is any access to an application by a user (or process acting on behalf of a user) where said access is obtained through a network connection. Applications integrating with the DoW Active Directory and utilize the DoW CAC are examples of compliant multifactor authentication solutions. Satisfies: SRG-APP-000150, SRG-APP-000023, SRG-APP-000024, SRG-APP-000065, SRG-APP-000148, SRG-APP-000153, SRG-APP-000154, SRG-APP-000155, SRG-APP-000156, SRG-APP-000157, SRG-APP-000163, SRG-APP-000175, SRG-APP-000176, SRG-APP-000177, SRG-APP-000178, SRG-APP-000180, SRG-APP-000183, SRG-APP-000318, SRG-APP-000345, SRG-APP-000389, SRG-APP-000391, SRG-APP-000392, SRG-APP-000394, SRG-APP-000395, SRG-APP-000400, SRG-APP-000401, SRG-APP-000402, SRG-APP-000403, SRG-APP-000404, SRG-APP-000405, SRG-APP-000410, SRG-APP-000427, SRG-APP-000580, SRG-APP-000700, SRG-APP-000705, SRG-APP-000710, SRG-APP-000740, SRG-APP-000815, SRG-APP-000820, SRG-APP-000825, SRG-APP-000830, SRG-APP-000835, SRG-APP-000840, SRG-APP-000845, SRG-APP-000850, SRG-APP-000855, SRG-APP-000860, SRG-APP-000865, SRG-APP-000870, SRG-APP-000875, SRG-APP-000880, SRG-APP-000885, SRG-APP-000890

Check Content

Once Active Directory is configured in FLYS-00-000055, all local users must be removed.

Check the Fly Server User settings:
- On the Management >> Account Manager tab, view the list of users.
- User accounts tied to an Active Directory domain will be defined as [domainname]\[username].

If any of the users listed are not tied to Active Directory, this is a finding.

Fix Text

Once Active Directory is configured in FLYS-00-000055, remove all local users:
- On the Management >> Account Manager tab, remove all local users.