Configuring account access policies for a Collector
In a Real User Collector, a Security user can configure security features for services and account policies.
To configure the following security features for account policies, point to Administration > Security settings and click Account policies:
- Password change upon first logon — When this feature is enabled, the system forces new users to change their password upon first logon.
- Strict password policy — When strict passwords are enabled, users are forced to change simple passwords upon logon.
- Password expiration period — When a password expiration period is enabled, a Security user can specify the number of days that a password is valid (the default value is 30). When this feature is disabled, passwords never expire. To configure this feature, click Edit on the Action menu, and enter a value (in days).
- LDAP authentication and authorization — The Security user can enable or disable either or both LDAP functions. For further information, see Using LDAP authentication and authorization for the Analyzer or Collector.
- Account lockout — When account lockout is enabled, an account locks after the specified number of unsuccessful attempts to log on and unlocks after a specified period. The default lockout value is 5, and the default unlock value is 24 hours. To configure the default period (30 days), click Edit on the Action menu.
- Account inactivity - After 30 days of inactivity, automatically inactivate the Operator, Administrator, or Observer local account.
Concurrent logons — When enabled, multiple simultaneous logons under the same account are permitted. When disabled, only the most recent logon works.
- Prevent automatic login — When enabled, browser software will not persist usernames and password (auto-completion is not permitted on the login page).