Nutanix AOS must use an enterprise user management system to uniquely identify and authenticate users (or processes acting on behalf of organizational users).

To ensure accountability and prevent unauthorized access, application server users must be uniquely identified and authenticated. This is typically accomplished using a user store which is either local (OS-based) or centralized (LDAP) in nature. To ensure support to the enterprise, the authentication must use an enterprise solution.

Confirm the Nutanix VM application server is set to use enterprise user management systems. 1. Log in to Prism Element. 2. Click the gear icon in the upper-right corner. 3. Navigate to the Authentication settings. If an Active Directory or OpenLDAP servers are not configured, this is a finding.

Configure the Nutanix VM application server to use an enterprise user management system to authenticate individual users. 1. Log in to Prism Element. 2. Click the gear icon in the upper-right corner. 3. Navigate to the Authentication settings. 4. Add an Active Directory or OpenLDAP server to the directory list. Alternatively, create individual local users within Prism. 1. Log in to Prism Element. 2. Click the gear icon in the upper-right corner. 3. Navigate to "Local User Management". 4. Select "+ New Users".