Detections
Analytics

1.181 WN22-DC-000360

Information

Windows Server 2022 Allow log on through Remote Desktop Services user right must only be assigned to the Administrators group on domain controllers.

GROUP ID: V-254420
RULE ID: SV-254420r958472

Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.

Accounts with the 'Allow log on through Remote Desktop Services' user right can access a system through Remote Desktop.

Solution

Configure the policy value for

Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment >> Allow log on through Remote Desktop Services

to include only the following accounts or groups:

 - Administrators

See Also

https://workbench.cisecurity.org/benchmarks/22357

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3, CAT|II, CCI|CCI-000213, Rule-ID|SV-254420r958472_rule, STIG-ID|WN22-DC-000360, Vuln-ID|V-254420

Plugin: Windows

Control ID: 5b1d86956609af7a09441c350106326b52b8e8893d73b982370363e425209846