#1190 - Windows Server 2022 V1R1

[ruandersMSFT]

Pull Request (PR) description:
Parsed STIGs for Windows Server 2022 V1R1

This Pull Request (PR) fixes the following issues:

This fixes #1190

Task list:

• Change details added to Unreleased section of CHANGELOG.md (Not required for Convert modules)?
• Added/updated documentation, comment-based help and descriptions where appropriate?
• Examples appropriately updated?
• New/changed code adheres to Style Guidelines?
• Unit and (optional) Integration tests created/updated where possible?

---

This change is 

[erjenkin]

One small issue that is failing the tests, you will need to create an log entry for this rule to remove the comma (error that DISA created) from the raw xccdf, then reconvert the STIG and you should be g2g
Here is the place where you need to add an update

WIKI on Log files : https://github.com/Microsoft/PowerStig/wiki/PowerSTIGArchiveLog#powerstig-archive-log-examples

[ruandersMSFT]

@erjenkin Yes, I just ran the pester tests locally and have a fix on it's way, thanks!

[erjenkin]

Will be testing this today - Nice work! Thanks for contributing to PowerSTIG

[erjenkin]

@ruandersMSFT - Please use the following command and target the raw xccdf in the /archive/Windows.Server.2022 directory. (after importing PowerSTIG-Convert

# Split RAW into DC and MS
import-module .\source\PowerStig.Convert.psm1
Split-StigXccdf -Path .\source\StigData\Archive\Windows.Server.2022\U_MS_Windows_Server_2022_STIG_V1R1_Manual-xccdf.xml

# Next - Create LOG Files named like the split xccdf to ensure MS/DC gets converted properly

This is what your archive folder should look like after the above steps -

Your log file should be unique for MS or DC, some rules only apply to one or the other.
After this you should be able to cleanly convert both of the split xccdf files to create org settings and processed STIGs -

Based on my testing you will need to update the PowerSTIG convert logic, because the processed STIG name is not created properly -

Should look similar to this after conversion:

[ruandersMSFT]

@erjenkin Parsing updates corrected, thanks for the guidance.

[erjenkin]

@ruandersMSFT
V-254319 - converted incorrectly -
<Subcategory>Audit Audit Policy Change</Subcategory>' > should be <Subcategory>Audit Policy Change</Subcategory>

Same for V-254320
<Subcategory>Audit Audit Policy Change</Subcategory> > should be <Subcategory>Audit Policy Change</Subcategory>

Error when running configuration :

Easiest fix :

Add a log file rule for both of these rules : something like this

Audit Audit Policy Change::Audit Policy Change

[erjenkin]

After you get this last update in - you should be g2g - nice work.
You updated PowerSTIG to bring Server 2022 Security Score from 51.4% to 91.06%

[erjenkin]

@ruandersMSFT - We will be releasing 4.16.0 in the next few days. Do you think you will be able to get this update in this week? #1206 (comment)

[ruandersMSFT]

@erjenkin Yes. I can work on it this afternoon.

[ruandersMSFT]

@erjenkin Ready to go.

[ruandersMSFT]

@erjenkin Thanks. Given that I was also learning the parsing process, I started by comparing the .log files for both MS and DC files from Windows Server 2019 and aligned the same settings to the same STIGs in 2022 to get the same parsing output between 2019 and 2022.