(Superusers only; multishelf view [multishelf mode] and node view [single-shelf mode] only) Use the
node view Policy subtab to view and edit the ONS node security policies.
|
|
|
Modifies the amount of time a CTC user can be idle before CTC logs the user out. To modify the idle time, click the hour (H) and minute (M) arrows for each CTC security level—RETRIEVE, MAINTENANCE, PROVISIONING, and SUPERVISER. You can choose values between 0 to 16 hours, and 0 to 59 minutes.
|
|
Provisions the user lockout policies:
• |
Failed Logins Before Lockout —Sets the number of times a user can fail to log in before CTC locks the user out. The minimum is 0, and the maximum is 10. |
• |
Manual Unlock by Superuser —If checked, a Superuser must manually unlock the locked out user before the user can log back into the node. |
• |
Automatic Unlock After —If Manual Unlock by Superuser is selected, the locked-out user cannot log into the node until a Superuser clears the user’s Lock Out flag by editing the user in the Users tab. The maximum lockout period is 10 minutes. If Automatic Unlock After is selected, the locked-out user can log into the node after the user-provisioned lockout duration time period has passed. |
|
|
Sets the user password change policies:
• |
Prevent Reusing Last Password —Sets the number of recent passwords a user cannot reuse. The minimum is 1, and the maximum is 10. |
• |
New Password must Differ from the Old Password by —Sets the number of characters that the new password must differ from the old one. The minimum is 1, and the maximum is 5. |
• |
Cannot Change New Password For —If checked, the user cannot change a new password for the number of days set in the “days” box. The minimum is 20, and the maximum is 95 days. |
• |
Require Password Change on First Login to New Account —If checked, requires the user to change his or her password the first time he or she logs into the ONS node. |
|
|
Sets the user password aging policies:
• |
Enforce Password Aging —If checked, requires the user to change his or her password within the number days set in Aging Period. |
• |
Aging Period —Sets the number of days that must pass before a user is required to change his or her password. A different aging period can be set for each security level—RETRIEVE, MAINTENANCE, PROVISIONING, and SUPERVISER. The minimum aging period is 20 days, and the maximum is 90. |
• |
Warning Period —Set the number of days the user is warned to change their password. A different aging period can be set for each security level. The minimum is 2 days, and the maximum is 20 days. |
|
|
• |
Identical Consecutive Characters Allowed |
• |
Minimum Length —The minimum length can be set to eight, ten, or twelve characters |
• |
Maximum Length —The maximum length is 80 characters |
• |
Minimum Required Charaters —The password must be a combination of alphanumeric (a-z, A-Z, 0-9) and special (+, #,%) characters, where at least two characters are nonalphabetic and at least one character is a special character. Superusers can specify when users must change their passwords and when they can reuse them. |
|
|
Sets the CTC session policies:
• |
Single Session Per User —If checked, limits users to a single CTC session.(Applicable to TL1/Telnet also) |
• |
Prevent Super User Disable —If checked, prevents the super user disable function. |
• |
Disable Inactive User —If checked, disables users if they have not logged into the ONS node for the time period set in the Inactive Duration field. |
• |
Inactive Duration —Sets the number of inactive days that must pass before the user is disabled. The minimum is 1 day, and the maximum 99 days. |
|
|
Applies changes made to the Policy fields.
|
|
Cancels any Policy subtab changes and returns the fields to their last-saved settings.
|
|
Displays context-sensitive help.
|