diff --git a/Testing/RegoTests/commoncontrols/commoncontrols10_test.rego b/Testing/RegoTests/commoncontrols/commoncontrols10_test.rego
index dc6a7e96..428b6b80 100644
--- a/Testing/RegoTests/commoncontrols/commoncontrols10_test.rego
+++ b/Testing/RegoTests/commoncontrols/commoncontrols10_test.rego
@@ -854,4 +854,246 @@ test_Unconfigured_Incorrect_V3 if {
 "to determine the state from the logs, the default setting ",
 "is non-compliant; manual check recommended."
 ])}
+#--
+
+
+#
+# GWS.COMMONCONTROLS.10.5v0.3
+#--
+test_Access_Correct_V1 if {
+ # Test 1 event
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+ {
+ "id": {"time": "2022-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "DENIED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ }
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ RuleOutput[0].RequirementMet
+ not RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
+}
+
+test_Access_Correct_V2 if {
+ # Test multiple events
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+ {
+ "id": {"time": "2022-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "DENIED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ },
+ {
+ "id": {"time": "2021-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "ALLOWED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ }
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ RuleOutput[0].RequirementMet
+ not RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
+}
+
+test_Access_Incorrect_V1 if {
+ # Test 1 event
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+ {
+ "id": {"time": "2022-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "ALLOWED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ }
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ not RuleOutput[0].RequirementMet
+ not RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == concat("", [
+ "The following OUs are non-compliant:"
+ ])
+}
+
+test_Access_Incorrect_V2 if {
+ # Test multiple events
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+ {
+ "id": {"time": "2022-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "ALLOWED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ },
+ {
+ "id": {"time": "2021-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "DENIED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ }
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ not RuleOutput[0].RequirementMet
+ not RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == concat("", [
+ "The following OUs are non-compliant:"
+ ])
+}
+
+test_Access_Incorrect_V3 if {
+ # Test no relevant events
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ RuleOutput[0].RequirementMet
+ RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == concat("", [
+ "No relevant event in the current logs for the top-level OU, ",
+ "Test Top-Level OU. While we are unable ",
+ "to determine the state from the logs, the default setting ",
+ "is compliant; manual check recommended."
+ ])}
+
+test_Access_Incorrect_V4 if {
+ # Test no relevant events in top-level OU
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+ {
+ "id": {"time": "2021-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "DENIED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Second-Level OU"}
+ ]
+ }]
+ }
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ RuleOutput[0].RequirementMet
+ RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == concat("", [
+ "No relevant event in the current logs for the top-level OU, ",
+ "Test Top-Level OU. While we are unable ",
+ "to determine the state from the logs, the default setting ",
+ "is compliant; manual check recommended."
+ ])}
+
+test_Access_Incorrect_V5 if {
+ # Test multiple OUs
+ PolicyId := "GWS.COMMONCONTROLS.10.5v0.3"
+ Output := tests with input as {
+ "commoncontrols_logs": {"items": [
+ {
+ "id": {"time": "2021-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "ALLOWED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Second-Level OU"}
+ ]
+ }]
+ },
+ {
+ "id": {"time": "2021-12-20T00:02:28.672Z"},
+ "events": [{
+ "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
+ "parameters": [
+ {"name": "NEW_VALUE", "value": "DENIED"},
+ {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
+ ]
+ }]
+ }
+ ]},
+ "tenant_info": {
+ "topLevelOU": "Test Top-Level OU"
+ }
+ }
+
+ RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
+ count(RuleOutput) == 1
+ not RuleOutput[0].RequirementMet
+ not RuleOutput[0].NoSuchEvent
+ RuleOutput[0].ReportDetails == concat("", [
+ "The following OUs are non-compliant:"
+ ])
+}
 #--
\ No newline at end of file
diff --git a/Testing/RegoTests/commoncontrols/commoncontrols11_test.rego b/Testing/RegoTests/commoncontrols/commoncontrols11_test.rego
index 97507cc0..4e697da2 100644
--- a/Testing/RegoTests/commoncontrols/commoncontrols11_test.rego
+++ b/Testing/RegoTests/commoncontrols/commoncontrols11_test.rego
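Review bot: The moved tests for GWS.COMMONCONTROLS.10.5v0.3 never exercise a group-scoped event or a NEW_VALUE of INHERIT_FROM_PARENT, although the policy rules added in rego/Commoncontrols.rego in this same commit branch on both (FilterEventsGroup / NonCompliantGroups10_5, and the explicit INHERIT_FROM_PARENT comparison), so those branches remain untested after the move. Because the rule flags any value other than DENIED or INHERIT_FROM_PARENT, one extra case with a constructed unexpected value (e.g. `{"name": "NEW_VALUE", "value": "UNKNOWN"}` against the top-level OU, asserting `not RuleOutput[0].RequirementMet`) would pin that fail-closed behaviour. Separately, test_Access_Incorrect_V1, V2 and V5 compare ReportDetails only against the header `"The following OUs are non-compliant:"` and never inspect ActualValue, so nothing checks that the flagged OU is `Test Top-Level OU` (V1, V2) rather than `Test Second-Level OU` (V5); asserting on `RuleOutput[0].ActualValue.NonCompliantOUs` would close that gap. The file's closing `#--` still lacks a trailing newline.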
@@ -502,246 +502,4 @@ test_Installation_Incorrect_V7 if {
 ""
 ])
 }
-#--
-
-
-#
-# GWS.COMMONCONTROLS.11.2v0.3
-#--
-test_Access_Correct_V1 if {
- # Test 1 event
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
- {
- "id": {"time": "2022-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "DENIED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- }
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- RuleOutput[0].RequirementMet
- not RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
-}
-
-test_Access_Correct_V2 if {
- # Test multiple events
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
- {
- "id": {"time": "2022-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "DENIED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- },
- {
- "id": {"time": "2021-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "ALLOWED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- }
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- RuleOutput[0].RequirementMet
- not RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
-}
-
-test_Access_Incorrect_V1 if {
- # Test 1 event
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
- {
- "id": {"time": "2022-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "ALLOWED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- }
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- not RuleOutput[0].RequirementMet
- not RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == concat("", [
- "The following OUs are non-compliant:"
- ])
-}
-
-test_Access_Incorrect_V2 if {
- # Test multiple events
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
- {
- "id": {"time": "2022-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "ALLOWED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- },
- {
- "id": {"time": "2021-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "DENIED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- }
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- not RuleOutput[0].RequirementMet
- not RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == concat("", [
- "The following OUs are non-compliant:"
- ])
-}
-
-test_Access_Incorrect_V3 if {
- # Test no relevant events
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
-
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- RuleOutput[0].RequirementMet
- RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == concat("", [
- "No relevant event in the current logs for the top-level OU, ",
- "Test Top-Level OU. While we are unable ",
- "to determine the state from the logs, the default setting ",
- "is compliant; manual check recommended."
- ])}
-
-test_Access_Incorrect_V4 if {
- # Test no relevant events in top-level OU
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
- {
- "id": {"time": "2021-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "DENIED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Second-Level OU"}
- ]
- }]
- }
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- RuleOutput[0].RequirementMet
- RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == concat("", [
- "No relevant event in the current logs for the top-level OU, ",
- "Test Top-Level OU. While we are unable ",
- "to determine the state from the logs, the default setting ",
- "is compliant; manual check recommended."
- ])}
-
-test_Access_Incorrect_V5 if {
- # Test multiple OUs
- PolicyId := "GWS.COMMONCONTROLS.11.2v0.3"
- Output := tests with input as {
- "commoncontrols_logs": {"items": [
- {
- "id": {"time": "2021-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "ALLOWED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Second-Level OU"}
- ]
- }]
- },
- {
- "id": {"time": "2021-12-20T00:02:28.672Z"},
- "events": [{
- "name": "WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED",
- "parameters": [
- {"name": "NEW_VALUE", "value": "DENIED"},
- {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}
- ]
- }]
- }
- ]},
- "tenant_info": {
- "topLevelOU": "Test Top-Level OU"
- }
- }
-
- RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId]
- count(RuleOutput) == 1
- not RuleOutput[0].RequirementMet
- not RuleOutput[0].NoSuchEvent
- RuleOutput[0].ReportDetails == concat("", [
- "The following OUs are non-compliant:"
- ])
-}
 #--
\ No newline at end of file
diff --git a/rego/Commoncontrols.rego b/rego/Commoncontrols.rego
index f861998f..c5850a8c 100644
--- a/rego/Commoncontrols.rego
+++ b/rego/Commoncontrols.rego
@@ -1377,6 +1377,73 @@ if {
 }
 #--
+#
+# Baseline GWS.COMMONCONTROLS.10.5v0.3
+#--
+NonCompliantOUs10_5 contains {
+ "Name": OU,
+ "Value": "Allow users to manage their access to less secure apps is ON"
+} if {
+ some OU in utils.OUsWithEvents
+ Events := FilterEventsOU("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", OU)
+ # Ignore OUs without any events. We're already asserting that the
+ # top-level OU has at least one event; for all other OUs we assume
+ # they inherit from a parent OU if they have no events.
+ count(Events) > 0
+ LastEvent := utils.GetLastEvent(Events)
+ LastEvent.NewValue != "DENIED"
+ LastEvent.NewValue != "INHERIT_FROM_PARENT"
+}
+# NOTE: When WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED for a child OU
+# is set to inherit from parent, apparently NO EVENT IS PRODUCED IN
+# THE ADMIN LOGS. When you later override the setting, it shows
+# "INHERIT_FROM_PARENT" as the "OLD_VALUE", so I'm putting that above
+# for completeness, but this appears to be a case where we won't be
+# able to detect setting inheritance, as least for now.
+
+NonCompliantGroups10_5 contains {
+ "Name": Group,
+ "Value": "Allow users to manage their access to less secure apps is ON"
+} if {
+ some Group in utils.GroupsWithEvents
+ Events := FilterEventsGroup("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", Group)
+ # Ignore groups without any events.
+ count(Events) > 0
+ LastEvent := utils.GetLastEvent(Events)
+ LastEvent.NewValue != "DENIED"
+ LastEvent.NewValue != "INHERIT_FROM_PARENT"
+}
+
+tests contains {
+ "PolicyId": "GWS.COMMONCONTROLS.10.5v0.3",
+ "Criticality": "Should",
+ "ReportDetails": utils.NoSuchEventDetails(DefaultSafe, utils.TopLevelOU),
+ "ActualValue": "No relevant event for the top-level OU in the current logs",
+ "RequirementMet": DefaultSafe,
+ "NoSuchEvent": true
+}
+if {
+ DefaultSafe := true
+ Events := FilterEventsOU("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", utils.TopLevelOU)
+ count(Events) == 0
+}
+
+tests contains {
+ "PolicyId": "GWS.COMMONCONTROLS.10.5v0.3",
+ "Criticality": "Shall",
+ "ReportDetails": utils.ReportDetails(NonCompliantOUs10_5, NonCompliantGroups10_5),
+ "ActualValue": {"NonCompliantOUs": NonCompliantOUs10_5, "NonCompliantGroups": NonCompliantGroups10_5},
+ "RequirementMet": Status,
+ "NoSuchEvent": false
+}
+if {
+ Events := FilterEventsOU("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", utils.TopLevelOU)
+ count(Events) > 0
+ Conditions := {count(NonCompliantOUs10_5) == 0, count(NonCompliantGroups10_5) == 0}
+ Status := (false in Conditions) == false
+}
+#--
+
 
 #########################
 # GWS.COMMONCONTROLS.11 #
 #########################
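Review bot: The two `tests contains` rules for GWS.COMMONCONTROLS.10.5v0.3 assign different criticalities to the same control — `"Criticality": "Should"` in the no-event rule and `"Criticality": "Shall"` in the evaluated rule — so the severity a report shows for this baseline depends on whether a WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED event happens to be present in the log window rather than on the baseline itself. Unless that split is an intentional convention elsewhere in the file (not visible from this hunk), the first rule should read `"Criticality": "Shall",` so both paths agree. The same mismatch is present in the removed 11.2 block, so it is carried over by the move rather than introduced here, but it is worth fixing while the block is being relocated. The NOTE above NonCompliantGroups10_5 already documents that inheritance changes produce no event, so a child OU that silently inherits an ALLOWED setting is a known detection gap for this rule; a one-line pointer to that limitation in the policy's ReportDetails or baseline text would help readers of the report.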
@@ -1488,73 +1555,6 @@ if {
 }
 #--
-#
-# Baseline GWS.COMMONCONTROLS.11.2v0.3
-#--
-NonCompliantOUs11_2 contains {
- "Name": OU,
- "Value": "Allow users to manage their access to less secure apps is ON"
-} if {
- some OU in utils.OUsWithEvents
- Events := FilterEventsOU("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", OU)
- # Ignore OUs without any events. We're already asserting that the
- # top-level OU has at least one event; for all other OUs we assume
- # they inherit from a parent OU if they have no events.
- count(Events) > 0
- LastEvent := utils.GetLastEvent(Events)
- LastEvent.NewValue != "DENIED"
- LastEvent.NewValue != "INHERIT_FROM_PARENT"
-}
-# NOTE: When WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED for a child OU
-# is set to inherit from parent, apparently NO EVENT IS PRODUCED IN
-# THE ADMIN LOGS. When you later override the setting, it shows
-# "INHERIT_FROM_PARENT" as the "OLD_VALUE", so I'm putting that above
-# for completeness, but this appears to be a case where we won't be
-# able to detect setting inheritance, as least for now.
-
-NonCompliantGroups11_2 contains {
- "Name": Group,
- "Value": "Allow users to manage their access to less secure apps is ON"
-} if {
- some Group in utils.GroupsWithEvents
- Events := FilterEventsGroup("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", Group)
- # Ignore groups without any events.
- count(Events) > 0
- LastEvent := utils.GetLastEvent(Events)
- LastEvent.NewValue != "DENIED"
- LastEvent.NewValue != "INHERIT_FROM_PARENT"
-}
-
-tests contains {
- "PolicyId": "GWS.COMMONCONTROLS.11.2v0.3",
- "Criticality": "Should",
- "ReportDetails": utils.NoSuchEventDetails(DefaultSafe, utils.TopLevelOU),
- "ActualValue": "No relevant event for the top-level OU in the current logs",
- "RequirementMet": DefaultSafe,
- "NoSuchEvent": true
-}
-if {
- DefaultSafe := true
- Events := FilterEventsOU("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", utils.TopLevelOU)
- count(Events) == 0
-}
-
-tests contains {
- "PolicyId": "GWS.COMMONCONTROLS.11.2v0.3",
- "Criticality": "Shall",
- "ReportDetails": utils.ReportDetails(NonCompliantOUs11_2, NonCompliantGroups11_2),
- "ActualValue": {"NonCompliantOUs": NonCompliantOUs11_2, "NonCompliantGroups": NonCompliantGroups11_2},
- "RequirementMet": Status,
- "NoSuchEvent": false
-}
-if {
- Events := FilterEventsOU("WEAK_PROGRAMMATIC_LOGIN_SETTINGS_CHANGED", utils.TopLevelOU)
- count(Events) > 0
- Conditions := {count(NonCompliantOUs11_2) == 0, count(NonCompliantGroups11_2) == 0}
- Status := (false in Conditions) == false
-}
-#--
-
 
 #########################
 # GWS.COMMONCONTROLS.12 #
 #########################