SEOS Class (Windows Environment

The SEOS class controls the behavior of the native local security system.
capamsc141
The SEOS class controls the behavior of the native local security system.
The class contains only one record, called SEOS, which specifies general native security options. To view or change the status of SEOS class properties, use the setoptions command.
The following definitions describe the properties contained in this class record. Most properties are modifiable and can be manipulated using selang or the administration interfaces. Non-modifiable properties are marked
informational
.
  • AuditCategory
    Specifies which detected authorized and unauthorized events are audited.
    • AccountLogon
      Specifies whether to audit each instance of a user logging on to or logging off from another computer in which this computer is used to validate the account.
    • AccountManagement
      Specifies whether to audit each event of account management on a computer. Examples of account management events include:
      • A user account or group is created, changed, or deleted.
      • A user account is renamed, disabled, or enabled.
      • A password is set or changed.
    • DirectoryAccess
      Specifies whether to audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) defined.
    • Logon
      Specifies whether to audit each instance of a user logging on to or logging off from a computer.
    • ObjectAccess
      Specifies whether to audit the event of a user accessing an object. For example, a file, folder, registry key, printer, and so on, that has its own system access control list (SACL) defined.
    • PolicyChange
      Specifies whether to audit every incident of a change to user rights assignment policies, audit policies, or trust policies.
    • PrivilegeUse
      Specifies whether to audit each instance of a user exercising a user right.
    • DetailedTracking
      Specifies whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access.
    • System
      Specifies whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log.
  • History
    Defines the number of unique new passwords that have to be associated with a user account before an old password can be reused.
    Limits:
    An integer between 1 and 24. If you specify zero, no passwords are saved.
  • Interval
    Defines the period of time (in days) that a password can be used before the system requires the user to change it.
  • Min life
    Defines the period of time (in days) that a password must be used before the user can change it.
  • Min length
    Defines the least number of characters that a password for a user account may contain.
  • Password fails
    Defines the number of failed logon attempts that causes a user account to be locked out.
  • Reset count after
    Defines the number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts.