The macOS system must be configured to use an authorized time server.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-259450 | SRG-OS-000355-GPOS-00143 | APPL-14-000170 | SV-259450r1038944_rule | 2024-12-04 | 2 |
| Description |
|---|
| Approved time servers must be the only servers configured for use. This rule ensures the uniformity of time stamps for information systems with multiple system clocks and systems connected over a network. An authoritative time server is synchronized with redundant United States Naval Observatory (USNO) time servers as designated for the appropriate DOD network. Satisfies: SRG-OS-000355-GPOS-00143,SRG-OS-000356-GPOS-00144 |
| ℹ️ Check |
|---|
| Verify the macOS system is configured to use an authorized time server with the following command: /usr/bin/osascript -l JavaScript << EOS $.NSUserDefaults.alloc.initWithSuiteName('com.apple.MCX')\ .objectForKey('timeServer').js EOS If the result is not an authoritative time server which is synchronized with redundant USNO time servers as designated for the appropriate DOD network, this is a finding. |
| ✔️ Fix |
|---|
| Configure the macOS system to use an authorized time server by installing the "com.apple.MCX" configuration profile. |