The macOS system must be integrated into a directory services infrastructure.

STIG ID: APPL-14-000016  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-259427

Vulnerability Discussion

A directory service infrastructure enables centralized user and rights
management, as well as centralized control over computer and user configurations. Integrating the macOS
systems used throughout an organization into a directory services infrastructure ensures more
administrator oversight and security than allowing distinct user account databases to exist on each
separate system.

Check

Verify the macOS system is configured to integrate into a directory service with the
following command:

/usr/bin/dscl localhost -list . \| /usr/bin/grep -qvE '(Contact\|Search\|Local\|^$)'; /bin/echo $?

If the result is not "0", this is a finding.

Fix

Configure the macOS system to integrate into an existing directory
services infrastructure.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.