HP StorageWorks 4/16 Brocade OS Command Reference Manual Supporting Fabric OS - Page 397
successful login equals the passwdcfg.lockoutthreshold, the account gets
View all HP StorageWorks 4/16 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 397 highlights
passwdCfg 2 . -maxpasswordage value Specifies the maximum number of days that can elapse before a password must be changed. This is the password expiration period. -maxpasswordage can be set at 0 to 999. Setting this parameter to 0 disables password expiration. The default value is 0. When -maxpasswordage is set to a nonzero value, -minpasswordage must be set to a value less than or equal to -maxpasswordage. -warning value Specifies the number of days prior to password expiration that a warning of password expiration is displayed. The valid range for -warning is 0 to 999. The default value to 0. -lockoutthreshold value Specifies the number of times a user can specify an incorrect password during login before the account is locked. The number of failed login attempts is counted from the last successful login.Values for -lockoutthreshold range from 0 to 999. Setting this parameter to 0 disables the lockout mechanism. The default value is 0. -lockoutduration value Specifies the time, in minutes, after which a previously locked account automatically unlocks. lockoutduration values range from 0 to 9999. The default value is 30. Setting this parameter to 0 disables lockout duration, requiring an administrative action to unlock the account. The lockout duration begins with the first login attempt after the lockout threshold has been reached. Subsequent failed login attempts do not extend the lockout period. --enableadminlockout Enables the admin lockout policy and sets the config parameter "passwdcfg.adminlockout" to 1. If the parameter "passwdcfg.lockoutthreshold" is set to greater than 0 and Admin Lockout policy is enabled, then, if the number of failed login attempts from the last successful login equals the "passwdcfg.lockoutthreshold", the account gets locked for the "passwdcfg.lockoutduration" duration. The particular account is unlocked manually using userconfig --change account name-u (requires root/factory/security admin/admin privileges) or it will automatically get unlocked after "passwdcfg.lockoutduration" duration. -repeat value Specifies the length of repeated character sequences that will be disallowed.For example, if the "repeat" value is set to 3, a password "passAAAword" is disallowed because it contains the repeated sequence "AAA". A password of "passAAword" would be allowed because no repeated character sequence exceeds two characters. The range of allowed values is 1-40. -sequence value Specifies the length of sequential character sequences that will be disallowed. A sequential character sequence is defined as a character sequence in which the ASCII value of each contiguous character differs by one. The ASCII value for the characters in the sequence must all be increasing or all decreasing. For example, if the "sequence" value is set to 3, a Fabric OS Command Reference 371 53-1000599-01