Deleting time slices
|
IMPORTANT: If you delete a time slice used by target objects, these target objects will use the default time slice. |
Before starting
To perform the task described in this section, you must have at least the following administration role:
- In classic administration mode: "Security object administrator".
- In advanced administration mode, your role must contain the following administration right: Deletion".
Procedure
- In the tree structure of the Directory panel, right-click the time slice to delete and select Delete.
- The time slice is deleted and removed from the directory tree structure.
Managing Password Format Control Policies
Object definition
The password format control policies define the number of characters, the minimum and maximum lengths and the types of characters required to provide a valid password during an application authentication phase.
Target objects
PFCP are required to define applications.
In this section:
Creating/Modifying Password Format Control Policies
Before starting
To perform the tasks described in this section, you must have at least the following administration role:
- In classic administration mode: "Security object administrator".
- In advanced administration mode, your role must contain the following administration right: "Password format control policy: Creation/Modification".
Procedures
Creating Password Format Control Policies
- In the tree structure of the Directory panel, right-click the organizational unit that must contain your PFCP and select New\Password Control Policy.
- The PFCP configuration tab appears.
- Fill in the window as described in Section Configuring Time Slices and click Apply.
- The PFCP appears in the directory tree structure.
Modifying Password Format Control Policies
|
IMPORTANT: If you modify a PFCP already used by target objects, your modifications apply to all the target objects associated with this security object. |
- In the tree structure of the Directory panel, select the PFCP to modify.
- The PFCP configuration tab appears.
- Fill in the window as described in Section Configuring Password Format Control Policy and click Apply.
Configuring Password Format Control Policy
Configuring Password Format Control Policy
Before starting
- For more information on the PFCP objects, see Section Managing Password Format Control Policies.
- To perform the task described in this section, you must have at least the following administration role:
- In classic administration mode: "Security object administrator".
- In advanced administration mode, your role must contain the following administration right: "Password format control policy: Creation/Modification".
Window example
Procedure
- Type the PFCP name.
- In the Password Format area, set the minimum and the maximum number of characters, the maximum number of the same character allowed in password and specify if you want to allow or prevent the use of successive occurrences of the same character.
Click the Advanced Policy button to add forbidden character sequences:
- Select the following check boxes:
- New and current passwords can't have the same characters at the same position to force the order modification of the characters. Example: if this check box is selected and the old password was apricot, then the new password cannot be apple but parrot for example.
- This option is case sensitive to authorize or forbid upper case or lower case letters to be considered as identical letters in the password. Example: If the check box is not selected, then a=A.
- Password cannot contain the user's login or display name to prevent the user from using his name or login (sAMAccountName) to create his password. This restriction applies to names longer than 3 characters. Example: the password of John Fab Smith can neither contain John nor Smith but can contain Fab.
This option is available only with Microsoft directories.
- Use the Add and Remove buttons to manage the forbidden character sequences, such as QWERTY or 12345.
- In the Allowed characters area, set the number of lower case and upper case letters, digits, special characters and the list of these special characters allowed in passwords and their position.
The Special character list field enables you to specify which of these characters must appear in the password.
You can also force the use of 3 categories of characters out of the 4 available.
|
IMPORTANT: The following special characters are allowed:
& |
~ |
" |
# |
' |
{ |
( |
[ |
- |
| |
` |
£ |
_ |
\ |
@ |
) |
° |
] |
= |
+ |
} |
$ |
% |
* |
, |
? |
; |
. |
: |
/ |
! |
^ | |
- Accented characters are forbidden.
- For each type of character, the check boxes located in the right hand side of the panel allow you to define the position of the character as follows:
- The first check box corresponds to the first character.
- The second check box corresponds to the characters located between the first and the final character.
- The third check box corresponds to the final character.
- In the Forbidden characters area, create a list of forbidden characters.
- Click the Test password generation button to check if the generated passwords correspond to your requirements.