Neoview User Management and Security Administration Guide (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software

corresponding value, the command prompts you for the value and echoes your input to the

screen. If you specify a parameter and value more than once, an error is reported.

• SYSTEM_NAME is required and identifies the Neoview platform whose policy you wish to

modify. The name consists of the first five characters of the platform name, for example

SEC01.

• AUTO-DOWNLOAD specifies whether the certificate is automatically downloaded if not already

present when a client connects. The permissible values are Yes and No; the command also

accepts Y for Yes and N for No. The default value is Yes.

• CERTEXPIRY specifies whether the certificate expires. The permissible values are Yes and

No; the command also accepts Y for Yes and N for No. The default value is No.

The command fails and an error is returned if

• You are not logged on as ROLE.SECMGR.

• You specify an invalid value for an attribute, or you specify both attributes rather than just

one.

• You are not in .sec mode.

Examples

The following command modifies the password encryption policy to forbid automatic download

of certificates:

.sec alter cert policy chi01 auto-download no

Viewing and Updating the Password Quality and Control Policies

The password quality and control policies govern the content and handling of passwords used

by platform users and locally authenticated database users, and for roles. Passwords of remotely

authenticated database users are managed on the external LDAP server and governed by policies

implemented there.

In the current release, the maximum length of the password for a platform user, a locally

authenticated database user, or a role is fixed at 64.

Table 2-3 Password Quality and Control Policies

CommentRange

Initial

Value

Policy Name

(HPDM)

Input Parameter

Name (NCI)Display Name (NCI)

Minimum length of the password for a

platform user, a locally authenticated

database user, or a role

6–648Minimum

Length

minlenPwdQualMinLen

Number of character categories (i.e.,

uppercase, lowercase, numeric, special)

that must be represented in the

password. This value must be less than

or equal to the number of the next four

attributes that have the value Y. (For

example, if the configuration requires

that a password include a lowercase

character and a number and the value

of this attribute is 3, then a password

must also include an uppercase

character, a special character, or both.)

0 to 40Password

requires...criteria

minqltyreqPwdQualReqCriteria

Specifies whether the password is

required to contain at least one

lowercase character

Y or NNLowercase

Character

required

lcasereqPwdQualReqLower

Specifies whether the password is

required to contain at least one

uppercase character

Y or NNUppercase

Character

required

ucasereqPwdQualReqUpper

44 Post-installation Security Setup Tasks