Chapter 19
DLPs D200 to D299
If you want to modify the idle user timeout period, click the hour (H) and minute (M) arrows in the Idle
Step 2
User Timeout area for the security level you want to provision: RETRIEVE, MAINTENANCE,
PROVISIONING, or SUPERUSER ONLY. The idle period time range is 0 and 16 hours, and 0 and 59
minutes. The user is logged out after the idle user timeout period is reached.
In the User Lockout area, you can modify the following:
Step 3
Failed Logins Before Lockout—The number of failed login attempts a user can make before the user
•
is locked out from the node. You can choose a value between 0 and 10.
Manual Unlock by Superuser only—Allows a user with SUPERUSER ONLY privileges to manually
•
unlock a user who has been locked out from a node.
Lockout Duration—Sets the amount of time the user will be locked out after a failed login. You can
•
choose a value between 0 and 10 minutes, and 0 and 55 seconds (in five-second intervals).
In the Password Change area, you can modify the following:
Step 4
Prevent Reusing Last [ ] Passwords—Choose a value between 1 and 10 to set the number of different
•
passwords the user must create before they can reuse a password.
New Password must Differ from the Old Password—Choose the number of characters that must
•
differ between the old and new password. The default number is 1.
Cannot Change New Password for [ ] days—If checked, prevents users from changing their
•
password for the specified period. The range is 20 to 95 days.
Require Password Change on First Login to New Account—If checked, requires users to change
•
their password the first time they log into their account.
Step 5
To require users to change their password at periodic intervals, check the Enforce Password Aging check
box in the Password Aging area. If checked, provision the following parameters:
•
Aging Period—Sets the amount of time that must pass before the user must change their password
for each security level: RETRIEVE, MAINTENANCE, PROVISIONING, SUPERUSER ONLY.
The range is 20 to 95 days.
Warning—Sets the number days the user will be warned to change his or her password for each
•
security level. The range is 2 to 20 days.
In the Other area, you can provision the following:
Step 6
Single Session Per User—If checked, limits users to one login session at one time.
•
Disable Inactive User—If checked, disables users who do not log into the node for the period of time
•
specified in the Inactive Duration box. The Inactive Duration range is 45 to 90 days.
Click Apply.
Step 7
Return to your originating procedure (NTP).
Step 8
78-17194-01
DLP- D271 Change Node Security Policy on a Single Node
Cisco ONS 15454 SDH Procedure Guide, R7.0
19-75