Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software

101

102

103

104

105

106

107

108

109

110

Changing a Platform User Password

A user in the role ROLE.SECMGR can use the ALTER USER command or the HPDM Edit User

dialog to change the passwords and password expiration attributes of platform users (with just

a few exceptions), even if the user's existing password has expired. The following table indicates

which users are permitted to change the passwords of other platform users.

Role Required to Change Parameters

Governing Password ExpirationRole Required to Change the PasswordType of Account

ROLE.SECMGRROLE.SECMGRSUPER.SUPER user

ROLE.SECMGRROLE.SECMGRSUPER.SERVICES user

SUPER.SERVICESSUPER.SERVICESHP.VTS user

ROLE.SECMGRROLE.SECMGRHP.SDI user

The following table provides parameter information for NCI and HPDM:

Table 5-13 Changing a Platform User Password

CommentRangeInitial ValueField Name (HPDM)Parameter Name (NCI)

Must be an existing

user.

32 charactersNAUser NameUSER

Maximum of 53

characters if you use

1024-bit encryption,

64 characters if you

use 2048-bit

encryption

NAPassword, Confirm

Password

PASSWORD

Number of days from

password change to

expiration.

IntegerIn order of

descending

precedence:

Previously specified

value

Value specified in

security policy

0 (no expiration)

Expires Every...DaysEXPIRY-DAYS

Password expiration

date. NCI requires

alphabetic characters

to represent the

month. HPDM uses

two-digit numbers.

“MMM DD YYYY” in

NCI

MM-DD-YYYY in

HPDM

Current date plus

EXPIRY-DAYS or, if

EXPIRY-DAYS is 0,

no expiration

Expiry DateEXPIRY-DATE

For a description of the NCI ALTER USER command, see “ALTER USER Command (platform

users, locally authenticated database users)” (page 111). For more information about the HPDM

Edit User dialog and how to navigate to it, see the HPDM Online Help.

Changing a Platform Role Password

A user in the role ROLE.SECMGR can change the password of the SUPER.SUPER platform role,

using either the NCI ALTER ROLE command or the HPDM Change Role Password dialog. You

can also change the password-expiration attributes for a role, but HP recommends that you not

do so. (By default, the passwords of predefined roles do not expire.)

Whether a user ever needs to enter the role password in order to log on is determined by the

security policy, as described in “Viewing and Updating the Power Role Management Policies”

(page 48).

106 User and Role Management