Configure Password Security Settings Using the SSO Configuration Tool
The password security settings are the settings that control how the password that
NetOps Portaluses functions and works. You
configurethese settings using the Single Sign-On Configuration tool.
changethe password using
NetOps Portalor the
NetOps PortalREST web service.
Follow these steps:
- Open a terminal session on theNetOps Portalhost (as root or with thesudocommand).
- Launch the Single Sign-On Configuration tool by running the./SsoConfigcommand in the following directory:<installation_directory>/PerformanceCenter/opt/CAis the default installation directory.You are prompted to select an option. The available options correspond to the data sources running on the local server.Use the following commands as needed while you are selecting settings:
- b(go back to the previous menu)
- Enter1to configureNetOps Portal(CAPC) security settings.You are prompted to select a configuration option.
- Enter8to configureNetOps Portal(DX NetOps) local password authentication settings.You are prompted to specify the priority.ThePriorityparameter only applies toNetOps Portal.
- Enteroneof the following options:
- 1. Enforce password requirements:Specify whether to enforce the password requirements.Default:Enabled
- 2. Allow REST to create users with usernames and passwords that match:Specify that you can programatically create users and passwords that match.Default:EnabledRecommended:105
- 3. Minimum password length:Specify the minimum password length in characters.Length:8-32Default:8Recommended:105
- 4. Password lifespan:Specify the number of days after which passwords expire.Values:0-712 days (Specify 0 to disable password expiration and to specify passwords to never expire.)Default:105 daysRecommended:105
- 5. Disable password expiration for a specific user:Specify the user account (username) for the user requiring that their passwordnotexpire.
- 6. Enable password expiration for a specific user:Specify the user account (username) for the user requiring that their password expire.
- 7. Expire password for a specific user:Specify the user account (username) for the user requiring a password change. WhenNetOps Portalprompts the user for their password, and they enter it,NetOps Portalthen prompts the user to change their password.
- 8. Expire all passwords immediately:Specify to expire password for all user accounts.
- 9. Failed login attempts before blockingSpecify the number of failed login attempts before a user is blocked (disabled).Values:2-9Default:6
- 10. Timeframe for failed login attemptsSpecify the time frame that the failed login attempts must occur before a user is blocked (disabled).Values:1-10Default:3
- 11. Disable user after failed login attemptsSpecify whether multiple failed login attempts within a time frame disables user accounts.Default:Enabled
- 12. Number of minutes to block IP address after failed login attemptsSpecify the number of minutes after failed login attempts that an IP address for user accounts is blocked.This functionality isnotan intrusion detection system.Values:0-1440Default:0 (The IP addresses for user accounts are not blocked after failed login attempts.)
- Enterbandbagain to go back to the first set of options.
The basic security settings are configured.