Table of Contents
Advertisement
User Account Administration (Continued)
TABLE 2-4
Item
Description
Enable/disable
Enables or disables the lockout function.
lockout function
To disable the lockout, specify 0 minutes
for lockout period. To enable lockout,
specify a period other than 0 minutes.
Note – (1) If the password policy is set, then the password policy is applied to the
users added after that. When you change the password for another user by using the
user operand, they system password policy is not enforced. When changing another
user's password, be sure to choose a password that conforms with the system
password policy.
Note – (2) After the login authentication failure, XSCF locks out the user login for a
period of time that specified in the last account lockout setting. On the
M8000/M9000 servers, the account lockout function is enabled in both
active/standby XSCF. When the user login locked out, a message will be saved in the
audit log. The setloginlockout -s 0 will disable the account lockout. When the
account lockout is disabled, a user can attempt to login, and fail, an unlimited
number of times. If a user needs to access their locked account before the lockout
time is complete they must get an administrator to disable the account lockout to
allow them to login and then re-enable the lockout by setting a lockout time. For
more information, see the setloginlockout(8) and showloginlockout(8) man
pages.
Note – The ability to specify and view the lockout period is supported in XCP1080
and later.
Shell Command
Remarks
setloginlockout • The lockout is disabled
• After three sequential
• Range of the lockout
(Note 2)
Chapter 2
by default.
login failures, it locks
out the user login for a
specified period of
time.
period is 0 to 1440
minutes.
Setting Up XSCF
2-39
Advertisement
Table of Contents
