@robertgendler commented on GitHub:
create check to make sure PerSourcePenalties is not set to no.
@brodjieski commented on GitHub:
Hello! If the system is passing those rules, they will not be reported as exempt, since they are naturally compliant. The exemption reports those items that…
@snoopy82481 commented on GitHub:
Check command and if not true it is a finding.
sshd -G
@anthonydarte commented on GitHub:
Indeed, the exempted rules are properly respected. I understand the error better now. Thank you.
@BenjaminHoegh commented on GitHub:
Oh i see my college have forwarded me the wrong one. sorry for the trouble
@robertgendler commented on GitHub:
Removed from CIS. Does not seem manageable. Closing out.
@robertgendler commented on GitHub:
Sure is. But when you upload a plist and not mobileconfig file to jamf it pushes it to machines as mcx payload....which causes you the issues.
@wewenttothemoon commented on GitHub:
@robertgendler I was reviewing the documentation for cis_lvl2 and correct me if I am wrong but isn't this the same as the .plist I used above?
![Image](https…
@wewenttothemoon commented on GitHub:
@robertgendler Thank you for quick feedback!
Understood, the password policy from EntraID is coming from AD via Entra Sync with no writeback enabled, so I…
/tmp volume/directory in docker container
@paolafrancesca commented on GitHub:
@gwigz what version are you using?
there's no explicit saving of a multipart preìfix temporary file in the code, I vaguely remember there was once, but…
@robertgendler commented on GitHub:
You can really name a baseline file whatever you want. macOS15_cis_lvl1 for example. But not everyone wants or does that.
I also believe the the fact that…