← Back to Microsoft SCOM Security Technical Implementation Guide

V-237437

CAT II (Medium)

The default Builtin\Administrators group must be removed from the SCOM Administrators Role Group.

Rule ID

SV-237437r984088_rule

STIG

Microsoft SCOM Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-002041

Discussion

SCOM servers with default well-known operating system groups defined the SCOM Administrators Global Group may allow a local administrator access to privileged SCOM access.

Check Content

Review the SCOM Administrators Global Group and verify that the Built-in\Administrators Group is not a member.

If the Built-in\Administrators group is a member, this is a finding.

Fix Text

Remove the Built-in\Administrators group from the SCOM Administrators Role Group.