Documentation - V-251184

Title

Redis Enterprise DBMS must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.

Description

<VulnDiscussion>Enterprise environments make account management for applications and databases challenging and complex. A manual process for account management functions adds the risk of a potential oversight or other error. Managing accounts for the same person in multiple places is inefficient and prone to problems with consistency and synchronization. A comprehensive application account management process that includes automation helps to ensure that accounts designated as requiring attentio...

Fix Text (Documentation Requirement)

Integrate Redis Enterprise with LDAP to provide organization-level authentication/access mechanism and account management for all users, groups, roles, and any other principals. For each DBMS-managed account that is not documented and approved, either transfer it to management by the external mechanism or document the need for it and obtain approval as appropriate. To enable LDAP: 1. Import the saslauthd configuration. 2. Restart saslauthd service. 3. Configure LDAP users. Configuring LDAP: To provide the LDAP configuration information: 1. Edit the configuration file located at /etc/opt/redislabs/saslauthd.conf or the installation directory used during initial configuration. 2. Provide the following information associated with each variable: - ldap_servers: the ldap servers that authen...