TOC & Recently Viewed

Recently Viewed Topics

CHECK_LOCAL_GROUP

This policy item checks group names and status of Groups listed in lusmgr.msc.

Usage

<custom_item>

type: CHECK_LOCAL_GROUP

description: ["description"]

value_type: [VALUE_TYPE]

value_data: [value]

group_type: [GROUP_TYPE]

(optional) check_type: [CHECK_TYPE]

</custom_item>

This item uses the group_type field to describe which account must be audited. The allowed types are:

  • ADMINISTRATORS_GROUP
  • USERS_GROUP
  • GUESTS_GROUP
  • POWER_USERS_GROUP
  • ACCOUNT_OPERATORS_GROUP
  • SERVER_OPERATORS_GROUP
  • PRINT_OPERATORS_GROUP
  • BACKUP_OPERATORS_GROUP
  • REPLICATORS_GROUP

The allowed types for the value_type field are:

  • POLICY_SET (status of the group is checked)

    value_type: POLICY_SET

    value_data: "Enabled" or "Disabled"

  • POLICY_TEXT (name of the group is checked)

    value_type: POLICY_TEXT

    value_data: "Guests1" (In this case value_data can be any text string)

Examples

<custom_item>

type: CHECK_LOCAL_GROUP

description: "Local Guest group must be enabled"

value_type: POLICY_SET

value_data: "enabled"

group_type: GUESTS_GROUP

check_type: CHECK_EQUAL

</custom_item>

<custom_item>

type: CHECK_LOCAL_GROUP

description: "Guests group account name should be Guests"

value_type: POLICY_TEXT

value_data: "Guests"

group_type: GUESTS_GROUP

check_type: CHECK_EQUAL

</custom_item>

<custom_item>

type: CHECK_LOCAL_GROUP

description: "Guests group account name should not be Guests"

value_type: POLICY_TEXT

value_data: "Guests"

group_type: GUESTS_GROUP

check_type: CHECK_NOT_EQUAL

</custom_item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.