Set global user policy
We can change global user settings, such as password policies, login-failure policies, access policies, and account expiration policies with the Web Portal Manager or pdadmin utility. Notes:
- The valid range for numbers can be any number. However, use a reasonable number for the task that we want to do. For example, a minimum password length must be long enough to protect your system. The minimum length must not be so short as to make it easy for someone to determine passwords by trying different combinations.
- When we define the password policy, ensure that this definition complies with the password policy of the underlying operating systems and user registries.
- When you use Security Directory Server as our user registry, we can take advantage of its password history policy. For information about setting the password history policy when you use Security Directory Server as our user registry, see Set the password history policy.
- When we modify a password policy, provide a list of days, start time, and end time. The start time and end time apply to each day on the list. If the specified start time is greater than the specified end time, then the access is allowed until the specified end time of the next day.
- Certain global user policies can be applied to basic users. See the following table for which policies are available to basic users.
Policy Available to basic users account-expiry-date Yes disable-time-interval No max-concurrent-web-sessions Yes max-login-failures No max-password-age No max-password-repeated-chars Yes min-password-alphas Yes min-password-length Yes min-password-non-alphas Yes password-spaces Yes tod-access Yes
- Set global user policy with Web Portal Manager
We can change global user settings with Web Portal Manager.- Set global user policy with pdadmin
We can set or change global user settings with the pdadmin utility.Parent topic: Manage users