You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Introduction

This wiki page aims to show how to manage password, account and synchronization policies.

Password Policies

A password policy is a set of rules designed to force users to employ strong passwords and use them properly.

Create new password policy

  1. Click on Configuration tab.
  2. Click on Password Policies subtab (Fig. Password Policies Tab).
  3. Click on Create button (Fig. Create Password Policies).
  4. Click on Policy Description tab and provide information.
    #*Type
    Password Policy for a simple policy.
    Password Global Policy for a global policy.
    #*Description
    :Brief description
  5. Click on Policy Specification tab (Fig. Policy Specification) and configure your policy.
    #*History length: User password history values cannot be used to specify a new password.
    #*Maximum size: minimum password size.
    #*Minimum size: maximum password size.
    #*Substrings not permitted: sub-strings not permitted.
    #*Mustn't contain value of the following attributes: password cannot be equal to the specified attribute values.
    #*Non alphanumeric character required: a non alphanumeric character is required.
    #*Alphanumeric character required: a alphanumeric character is required.
    #*Must contain one or more digits: a digit character is required.
    #*Lowercase required: a lower case is required.
    #*Uppercase required: an upper case is required.
    #*Must start with digit: password must start with a digit.
    #*Mustn't start with digit: password mustn't start with a digit.
    #*Must end with digit: password must end with a digit.
    #*Mustn't end with digit: password mustn't end with a digit.
    #*Must start with non alphanumeric character: password must start with a non alphanumeric character.
    #*Must start with alphanumeric character: password must start with an alphanumeric character.
    #*Mustn't start with non alphanumeric character: password mustn't start with a non alphanumeric character.
    #*Mustn't start with alphanumeric character: password mustn't start with an alphanumeric character.
    #*Must end with non alphanumeric character: password must end with a non alphanumeric character.
    #*Must end with alphanumeric character: password must end with an alphanumeric character.
    #*Mustn't end with non alphanumeric character: password mustn't end with a non alphanumeric character.
    #*Mustn't end with alphanumeric character: password mustn't end with an alphanumeric character.
    #*Pefixes not permitted: password prefixes not permitted.
    #*Suffixes not permitted: password suffixes not permitted.
  6. Click on Save button.

Image:PasswordPolicies_1.png|Password Policies Tab
Image:PasswordPolicies_2.png|Create Password Policies
Image:PasswordPolicies_3.png|Policy Specification

Edit password policy

  1. Click on Configuration tab.
  2. Click on Password Policies subtab (Fig. Password Policies Tab).
  3. Click on Edit link and perform changes.
  4. Click on Save button.

Delete password policy

  1. Click on Configuration tab.
  2. Click on Password Policies subtab (Fig. Password Policies Tab).
  3. Click on Delete link.
  4. Confirm operation.

Account Policies

An account policy specify the username attribute syntax, the maximum number of subsequent failed logins permitted before to lock the account and whether propagate user suspension.

Create new account policy

  1. Click on Configuration tab.
  2. Click on Account Policies subtab (Fig. Account Policies Tab).
  3. Click on Create button (Fig. Create Account Policies).
  4. Click on Policy Description tab and provide information.
    #:*Type
    #:*:Account Policy for a simple policy.
    #:*:Account Global Policy for a global policy.
    #:*Description
    #:*:Brief description
  5. Click on Policy Specification tab (Fig. Policy Specification) and configure your policy.
    #:*Maximum size: maximum username length.
    #:*Minimum size: minimum username length.
    #:*Substrings not permitted: sub-strings not permitted.
    #:*Mustn't contain value of the following attributes: username cannot be equal to the specified attribute values.
    #:*Pefixes not permitted: username prefixes not permitted.
    #:*Suffixes not permitted: username suffixes not permitted.
    #:*All upper case: username must be all upper case.
    #:*All lower case: username must be all lower case.
    #:*Propagate suspension: check it to propagate user suspension.
    #:*Maximum number of subsequent failed logins: maximum number of subsequent failed logins permitted before to lock the account.
  6. Click on Save button.

Image:AccountPolicies_1.png|Account Policies Tab
Image:AccountPolicies_2.png|Create Account Policies
Image:AccountPolicies_3.png|Policy Specification

Edit account policy

  1. Click on Configuration tab.
  2. Click on Account Policies subtab (Fig. Account Policies Tab).
  3. Click on Edit link and perform changes.
  4. Click on Save button.

Delete account policy

  1. Click on Configuration tab.
  2. Click on Account Policies subtab (Fig. Account Policies Tab).
  3. Click on Delete link.
  4. Confirm operation.

Synchronization Policies

A synchronization policy specify alternative attributes to be used to search locally for users to be synchronized and to specify the conflict resolution policy.

Create new synchronization policy

  1. Click on Configuration tab.
  2. Click on Synchronization Policies subtab (Fig. Synchronization Policies Tab).
  3. Click on Create button (Fig. Create Synchronization Policies).
  4. Click on Policy Description tab and provide information.
    #:*Type
    #:*:Synchronization Policy for a simple policy.
    #:*:Synchronization Global Policy for a global policy.
    #:*Description
    #:*:Brief description
  5. Click on Policy Specification tab(Fig. Set Policy Specification). and configure your policy.
    #:*Alternative attributes for local search: attributes to be used to search locally for users to be synchronized.
    #:*Conflict resolution action: resolution policy in case of multi match.
    #:*:FIRSTMATCH (synchronize only the first matched user).
    #:*:LASTMATCH (synchronize only the last matched user).
    #:*:IGNORE (do not synchronize matched users).
    #:*:ALL (synchronize all the matched users).
  6. Click on Save button.

Image:SyncroPolicies_1.png|Synchronization Policies Tab
Image:SyncroPolicies_2.png|Create Synchronization Policies
Image:SyncroPolicies_3.png|Policy Specification

Edit synchronization policy

  1. Click on Configuration tab.
  2. Click on Synchronization Policies subtab (Fig. Synchronization Policies Tab).
  3. Click on Edit link and perform changes.
  4. Click on Save button.

Delete synchronization policy

  1. Click on Configuration tab.
  2. Click on Synchronization Policies subtab (Fig. Synchronization Policies Tab).
  3. Click on Delete link.
  4. Confirm operation.
  • No labels

Questions? Just send an e-mail to user@syncope.apache.org