2.2.1 Enable "Set time and date automatically"


Correct date and time settings are required for authentication protocols, file creation, modification dates and log entries. Apple's automatic time update solution will enable an NTP server that is not controlled by the Application Firewall. Turning on "Set time and date automatically" allows other computers to connect to set their time and allows for exploit attempts against ntpd. It also allows for more accurate network detection and OS fingerprinting. Kerberos may not operate correctly if the time on the Mac is off by more than 5 minutes. This in turn can affect Apple's single sign-on feature, Active Directory logons, and other features.


Perform the following to implement the prescribed state: Open System Preferences Select Date & Time Select Set date and time automatically Alternatively run the following commands: sudo systemsetup -setnetworktimeserver <timeserver> sudo systemsetup #x2013;setusingnetworktime on Impact: Note: If your organization has internal time servers, enter them here. Enterprise mobile devices may need to use a mix of internal and external time servers. If multiple servers are required use the Date & Time System Preference with each server separated by a space.

See Also


Item Details


References: 800-53|AU-8(1)

Plugin: Unix

Control ID: 1294357e603b30560a48fb5adcdc524a03551f18e582808e795990b60d095028