Password limitations and characters allowed in object names

When we specify Security Verify Access user names, group names, distinguished names, POP names, ACL policies, authorization rules, and domain names, certain characters might be disallowed.

Some factors that affect which characters are allowed are restrictions of the underlying user registry, server, or operating system.

This section describes the following limitations:

• General password policies
  We can change global user settings, such as password policies, login-failure policies, access policies, and account expiration policies. Additionally, we can override global password policies by setting individual password policies for the specified user.
• Character limitations for passwords and user names
  There are password characters that are valid, but must be treated differently when you run the pdadmin utility. These special characters have special meaning to the utility.
• Characters allowed for secure domain names
  A valid local domain name is an alphanumeric, case-sensitive string. String characters are expected to be characters that are part of the local code set.
• Characters disallowed for user and group name
  Environment aspects such as registries and command shells can affect special character handling. Because of the variability of special character handling in general, avoid the use of special characters.
• Characters disallowed for distinguished names
  Certain characters are treated differently by the different user registries.
• Characters disallowed for GSO names
  Certain characters are disallowed for GSO names.
• Characters disallowed for authorization rule names
  Certain characters are disallowed for authorization rule names.
• Characters disallowed for ACL policy names
  Certain characters are disallowed for ACL policy names.
• Characters disallowed for POP names
  Certain characters are disallowed for POP names.

Parent topic: Web command reference