U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Windows Server 2022 STIG with Ansible Ver 1, Rel 1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Microsoft Windows Server 2022 cpe:/o:microsoft:windows_server_2022:- (View CVEs)

Checklist Highlights

Checklist Name:
Windows Server 2022 STIG with Ansible
Checklist ID:
1049
Version:
Ver 1, Rel 1
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
02/07/2023

Checklist Summary:

Ansible is an open source, cross-platform configuration management solution used to define and enforce system and application configurations. This package provides Ansible configurations that implement most of the Microsoft Windows Server 2022 STIG. While the content has been tested during development, all possible system and environmental factors could not be tested. Before applying this content in a production environment, users are advised to test with the intended settings in their own test environment. There is no mandate to use this content; it is published as a resource to assist in the application of security guidance to the user’s systems. Use it in the manner and to the extent that it assists with this goal. Many Windows configuration settings can be applied using Group Policy. This Ansible configuration does not leverage Group Policy. Therefore, this content is most useful for systems that are not using Group Policy or to manage a subset of configuration settings that are not being managed through Group Policy. Ansible does not run natively on Windows. This documentation assumes the user will be running Ansible on a Red Hat Enterprise Linux 8 host machine and targeting the Microsoft Windows Server 2022 machine via WinRM. This package uses basic authentication as a simple example of connecting to a Windows server via WinRM. For production use, consider configuring one of the more secure connection methods available.

Checklist Role:

  • Server

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

Not provided.

Sponsor:

Not provided.

Licensing:

Not provided.

Change History: 

NEW checklist - 2/12/23
updated Status to FINAL - 3/13/23
Change to FINAL - 4/13/23

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 04/13/2023