| Attributes |
SecLA_PasswordPolicy_expireWarning[0..1] |
-
expireWarning
=
7
-
Password expiry warning in days.
Specifies the number of days before the expiry date when the ME starts to notify the user at authentication to change password due to approaching expiry date. No value means expiry warnings are never sent.
|
SecLA_PasswordPolicy_failureCountInterval[0..1] |
-
failureCountInterval
=
1800
-
The time interval within which consecutive failed login attempts count in seconds.
Specifies the time interval it takes to obsolete records in passwordFailureTimes used for attribute maxFailure. No value means the failure counter is reset only on successful authentication.
|
SecLA_PasswordPolicy_historyLength[0..1] |
-
historyLength
=
12
-
Specifies the number of passwords remembered by the ME to avoid the reuse of old passwords.
No value means old passwords are not recorded.
|
SecLA_PasswordPolicy_lockoutDuration[0..1] |
-
lockoutDuration
-
Account lockout duration in seconds due to password failures.
Specifies the time in seconds after a locked account is unlocked automatically. An administrative lock placed on the user account by configuring administrativeState is not managed by this attribute. No value means that only the administrator can unlock an account manually by invoking unlockOperationalLock action on the UserAccount MO.
|
SecLA_PasswordPolicy_maxAge[0..1] |
-
maxAge
=
90
-
Password maximum age in days.
Specifies the number of days after a password is considered expired. No value means passwords never expire.
|
SecLA_PasswordPolicy_maxFailure[0..1] |
-
maxFailure
=
3
-
Maximum failed login attempts to lock an account.
Specifies the number of consecutive failed login attempts which locks the account automatically, as counted in passwordFailureTimes of the respective UserAccount Managed Objects. No value means that an unlimited number of failed attempts is allowed.
|
SecLA_PasswordPolicy_minAge[0..1] |
-
minAge
=
15
-
Password minimum age in days.
Specifies the minimum number of days that need to pass before a password can be changed. No value means there is no control on the minimum age of passwords.
|
SecLA_PasswordPolicy_minLength |
-
minLength
=
10
-
Minimum length of passwords.
Specifies the minimum character lengths of passwords that the ME can accept.
|
string
key
mandatory
noNotification
restricted |
-
passwordPolicyId
-
The value component of the RDN.
|
PasswordQuality
mandatory |
-
passwordQuality
-
The password quality parameters used.
Refers to the DN of a PasswordQuality MO.
|
ManagedObject[0..]
noNotification
readOnly |
-
reservedByAccount
-
The accounts using this policy.
Lists the Distinguished Names of UserAccount Managed Objects.
|
string[0..1] |
-
userLabel
-
An additional descriptive text.
|