(Superusers only; multishelf view [multishelf mode] and node view [single-shelf mode] only) Use the
node view Policy subtab to view and edit the ONS node security policies.
|
|
|
These fields modify the amount of time a CTC user can be idle before CTC logs the user out. To modify the idle time, click the hour (H) and minute (M) arrows for each CTC security level: RETRIEVE, MAINTENANCE, PROVISIONING, and SUPERUSER. You can choose values between 0 to 16 hours, and 0 to 59 minutes.
|
|
These fields provision the user lockout policies:
• |
Failed Logins Allowed Before Lockout: Sets the number of times a user can fail to login before CTC locks the user out. The minimum is 0, and the maximum is 10. |
• |
Manual Unlock by Superuser: If checked, a Superuser must manually unlock the locked out user before the user can log back into the node. |
• |
Automatic Unlock After: If Manual Unlock by Superuser is selected, the locked-out user cannot log into the node until a Superuser clears the user's Lock Out flag by editing the user in the Users tab. The maximum lockout period is 10 minutes. If Automatic Unlock After is selected, the locked-out user can log into the node after the user-provisioned lockout duration time period has passed. |
|
|
These fields provision the user password change policies:
• |
Prevent Reusing Last Password: Sets the number of recent passwords a user cannot reuse. The minimum is 1, and the maximum is 10. |
• |
New Password must Differ from the Old Password by: Sets the number of characters that the new password must differ from the old one. The minimum is 1, and the maximum is 5. |
• |
Cannot Change New Password For: If checked, the user cannot change a new password for the number of days set in the “days” field. The minimum is 20, and the maximum is 95 days. |
• |
Requires Password Change on First Login to New Account: If checked, requires the user to change his or her password the first time he or she logs into the ONS node. |
|
|
Provision the user password aging policies:
• |
Enforce Password Aging: If checked, requires the user to change his or her password within the number days set in Aging Period. |
• |
Aging Period: Sets the number of days that must pass before a user is required to change his or her password. A different aging period can be set for each security level: RETRIEVE, MAINTENANCE, PROVISIONING, and SUPERUSER. The minimum aging period is 20 days, and the maximum is 90. |
• |
Warning Period: Set the number of days the user is warned to change their password. A different aging period can be set for each security level. The minimum is 3 days, and the maximum is 20 days. |
|
|
These fields provision the CTC session policies:
• |
Single Session Per User: If checked, limits users to a single CTC session. |
• |
Disable Inactive User: If checked, disables users if they have not logged into the ONS node for the time period set in the Inactive Duration field. |
• |
Inactive Duration: Sets the number of inactive days that must pass before the user is disabled. The minimum is 1 days, and the maximum 99 days. |
|
|
Applies changes made to the Policy fields.
|
|
Cancels any Policy subtab changes and returns the fields to their last-saved settings.
|
|
Displays context-sensitive help.
|