Specifications

ManualsBrandsCisco ManualsComputer equipmentContent Delivery Engine 100/200/300/400

301

302

303

304

305

306

307

308

309

310

7-10

Cisco TV CDS 2.5 ISA Software Configuration Guide

OL-24788-01

Chapter 7 System Maintenance

User Access

As an example, if the Password Expiration Interval is set to 6 months (180 days) and the Password

Expiration Reminder is set to 15 days; then 15 days before the password expires, the user is taken to

the Edit Users page where a message is displayed stating the password is soon to expire. The message

also includes the number of days the current password is active before it expires. The user has the option

to change the password or continue without changing the password.

If the password expires, the user cannot log in to the CDSM. A Master- level user can change the user

password and unlock the user account. Anytime the user password is changed by the Master-level user,

the Force Password Change check box is checked and the next time the user logs in to the CDSM, the

user is taken to the Edit Users page and is forced to change the password. The user is not be able to access

any of the other CDSM GUI pages until a password change has occurred.

Password Complexity Rules

Password Complexity Rules apply to any password change performed by the user. These rules can be

overridden by Master-level users when the Override Password Check check box is checked on the Add

Users page or the Edit Users page.

Configuring User Authentication

The TV CDS software offers the following database options for maintaining user authentication data:

• Local database (located on the CDSM)

• RADIUS server (external database)

• TACACS+ server (external database)

The User Authentication page displays the configuration settings of the Authentication Protocol, which

is configured through the cdsconfig script. The user authentication settings consist of choosing an

external access server (TACACS+ or RADIUS) or the internal (local) CDSM authentication database for

user access management, and setting the challenge key and timeout. The default is to use the local

database for authentication. The cdsconfig script prompts you for the primary and backup external

access server configuration. If the CDSM does not get a response from the primary server within the

timeout period, the backup server is contacted.

Note The CDSM does not cache user authentication information. Therefore, if an external server is used, the

user is reauthenticated against the Remote Authentication Dial In User Service (RADIUS) server or the

Terminal Access Controller Access Control System Plus (TACACS+) server each time a user logs in to

the CDSM. If the authentication is successful, a user session is created and is used to grant access to the

different pages of the CDSM GUI. The session is destroyed when the user logs out of the CDSM. To

Password

Expiration

Reminder

Interval prior to the password expiration that the user is notified about the

password expiration.

Idle Session

Timeout Interval

Maximum time a session can be idle. If the time lapse between user requests

exceeds the Idle Session Timeout Interval setting, the user is redirected to the

Table 7-5 System Authentication Fields (continued)

Field Description