Documentation - V-220340

Title

MarkLogic Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.

Description

<VulnDiscussion>Enterprise environments make account management for applications and databases challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other error. Managing accounts for the same person in multiple places is inefficient and prone to problems with consistency and synchronization. A comprehensive application account management process that includes automation helps to ensure accounts designated as requiring attention are...

Fix Text (Documentation Requirement)

If there are any accounts managed by MarkLogic, update the system documentation for justification and approval of these accounts. Configure MarkLogic to use External Security from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Security icon in the left tree menu. 2. Click the External Authentication icon. 3. Click the Create tab at the top of the External Authentication Summary window. 4. Complete the External Security Configuration Object for the available organization-level security provider. 5. Click the Security icon in the left tree menu. 6. Click the Users icon. 7. Select the user to fix. 8. In the User Configuration window, enter the external name for the user in the field in the External Name section.