STIGQter: STIG Summary: Jamf Pro v10.x EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 03 Feb 2020: STIGQter: STIG Summary: Jamf Pro v10.x EMM Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 03 Feb 2020:SV-108711r1_rule
V-99607
PP-MDM-991000
JAMF-10-100120
CAT II
10
Remove the MySQL <DatabasePassword> key or set to a blank value in Jamf Pro EMM.
If the database password is removed from the configuration file, the database password must be entered manually for the Jamf Pro EMM server web app during startup. In a clustered environment, the database password must be entered manually for each individual node.
Note: Default values are included below for reference only. Use unique values in production environments.
<Database>
...
<DatabaseName>jamfsoftware</DatabaseName>
<DatabaseUser>jamfsoftware</DatabaseUser>
<DatabasePassword></DatabasePassword>
...
</Database>
Verify the MySQL <DatabasePassword> key has been removed or set to a blank value in Jamf Pro EMM.
1. On the Jamf Pro server, navigate to the JSS/Tomcat/webapps/ROOT/WEB-INF/xml.
2. Find the "Database.xml" file and open it in a text editor.
3. Find the <DatabasePassword>.
4. Verify that there is no password.
If the MySQL <DatabasePassword> key has not been removed or not set to a blank value, this is a finding.
V-99607
False
JAMF-10-100120
Verify the MySQL <DatabasePassword> key has been removed or set to a blank value in Jamf Pro EMM.
1. On the Jamf Pro server, navigate to the JSS/Tomcat/webapps/ROOT/WEB-INF/xml.
2. Find the "Database.xml" file and open it in a text editor.
3. Find the <DatabasePassword>.
4. Verify that there is no password.
If the MySQL <DatabasePassword> key has not been removed or not set to a blank value, this is a finding.
M
3593