V-254267
CAT IIWindows Server 2022 must automatically remove or disable temporary user accounts after 72 hours.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Review temporary user accounts for expiration dates.
Determine if temporary user accounts are used and identify any that exist. If none exist, this is NA.
Domain Controllers:
Open "PowerShell".
Enter "Search-ADAccount -AccountExpiring | FT Name, AccountExpirationDate".
If "AccountExpirationDate" has not been defined within 72 hours for any temporary user account, this is a finding.
Member servers and standalone or nondomain-joined systems:
Open "Command Prompt".
Run "Net user [username]", where [username] is the name of the temporary user account.
If "Account expires" has not been defined within 72 hours for any temporary user account, this is a finding.
Fix Text
Configure temporary user accounts to automatically expire within 72 hours.
Domain accounts can be configured with an account expiration date, under "Account" properties.
Local accounts can be configured to expire with the command "Net user [username] /expires:[mm/dd/yyyy]", where [username] is the name of the temporary user account.
Delete any temporary user accounts that are no longer necessary.
STIG Reference
- STIG
- Microsoft Windows Server 2022 Security Technical Implementation Guide
- Version
- 2
- Release
- 8
- Rule ID
- SV-254267r958364_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_WinServer2022_V2R7_20260305-133436.cklb | Unassigned | 2026-03-05T13:34:36 | View in Context |