The IBM z/OS user account for the UNIX kernel (OMVS) must be properly defined to the security database.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-223859 | SRG-OS-000104-GPOS-00051 | RACF-US-000220 | SV-223859r958482_rule | 2025-03-11 | 9 |
| Description |
|---|
| To assure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. |
| ℹ️ Check |
|---|
| If OMVS userid is defined to the ESM as follows, this is not a finding. No access to interactive on-line facilities (e.g., TSO, CICS, etc.) Default group specified as OMVSGRP or STCOMVS UID(0) HOME directory specified as "/" Shell program specified as "/bin/sh" |
| ✔️ Fix |
|---|
| Define OMVS userid to the ESM as specified below: No access to interactive on-line facilities (e.g., TSO, CICS, etc.) Default group specified as OMVSGRP or STCOMVS UID(0) HOME directory specified as "/" Shell program specified as "/bin/sh" |