In a Real User Analyzer, a Security user can configure security features for account policies.
To configure the following security features for account policies, point to Administration > Security settings and click Account policies:
- Password change upon first logon — When this feature is enabled, the system forces new users to change their password upon first logon.
- Strict password policy — When strict passwords are enabled, users are forced to change simple passwords upon logon.
- Password expiration period — When a password expiration period is enabled, a Security user can specify the number of days that a password is valid (the default value is 30). When this feature is disabled, passwords never expire. To configure this feature, click Edit on the Action menu, and enter a value (in days).
- LDAP authentication and authorization — The Security user can enable or disable either or both LDAP functions. For further information, see Using LDAP authentication and authorization for the Analyzer or Collector.
- Account lockout — When account lockout is enabled, an account locks after the specified number of unsuccessful attempts to log on and unlocks after a specified period. The default lockout value is 5, and the default unlock value is 24 hours. To configure the default period (30 days), click Edit on the Action menu.
- Account inactivity - After 30 days of inactivity, automatically inactivate the Operator, Administrator, or Observer local account.
- Entitlement groups — Entitlement groups give groups of users access to data from some Watchpoints but not others. When enabled, Observers who are associated with a particular Entitlement group only have access to data from Watchpoints also associated with that Entitlement group.
Configuring account access policies for a Collector