SEOS Class (Windows Environment
The SEOS class controls the behavior of the native local security system.
capamsc141
The SEOS class controls the behavior of the native local security system.
The class contains only one record, called SEOS, which specifies general native security options. To view or change the status of SEOS class properties, use the setoptions command.
The following definitions describe the properties contained in this class record. Most properties are modifiable and can be manipulated using selang or the administration interfaces. Non-modifiable properties are marked
informational
.- AuditCategorySpecifies which detected authorized and unauthorized events are audited.
- AccountLogonSpecifies whether to audit each instance of a user logging on to or logging off from another computer in which this computer is used to validate the account.
- AccountManagementSpecifies whether to audit each event of account management on a computer. Examples of account management events include:
- A user account or group is created, changed, or deleted.
- A user account is renamed, disabled, or enabled.
- A password is set or changed.
- DirectoryAccessSpecifies whether to audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) defined.
- LogonSpecifies whether to audit each instance of a user logging on to or logging off from a computer.
- ObjectAccessSpecifies whether to audit the event of a user accessing an object. For example, a file, folder, registry key, printer, and so on, that has its own system access control list (SACL) defined.
- PolicyChangeSpecifies whether to audit every incident of a change to user rights assignment policies, audit policies, or trust policies.
- PrivilegeUseSpecifies whether to audit each instance of a user exercising a user right.
- DetailedTrackingSpecifies whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access.
- SystemSpecifies whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log.
- HistoryDefines the number of unique new passwords that have to be associated with a user account before an old password can be reused.Limits:An integer between 1 and 24. If you specify zero, no passwords are saved.
- IntervalDefines the period of time (in days) that a password can be used before the system requires the user to change it.
- Min lifeDefines the period of time (in days) that a password must be used before the user can change it.
- Min lengthDefines the least number of characters that a password for a user account may contain.
- Password failsDefines the number of failed logon attempts that causes a user account to be locked out.
- Reset count afterDefines the number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts.