Dell POWEREDGE M1000E User Manual
Page 577
Fabric OS Command Reference
545
53-1001764-02
passwdCfg
2
-minpasswordage value
Specifies the minimum number of days that must elapse before a password
can be changed. -minpasswordage can be set at 0 to 999. The default value
is 0. Setting this parameter to a nonzero value discourages a user from
rapidly changing a password in order to defeat the password history setting to
reuse a recently used password. The minpasswordage policy is not enforced
when an administrator changes the password for another user..
-maxpasswordage value
Specifies the maximum number of days that can elapse before a password
must be changed. This is the password expiration period.
-maxpasswordage can be set at 0 to 999. Setting this parameter to 0
disables password expiration. The default value is 0. When -maxpasswordage
is set to a nonzero value, -minpasswordage must be set to a value less than
or equal to -maxpasswordage.
-warning value
Specifies the number of days prior to password expiration that a warning of
password expiration is displayed. The valid range for -warning is 0 to 999. The
default value to 0.
-lockoutthreshold value
Specifies the number of times a user can specify an incorrect password
during login before the account is locked. The number of failed login attempts
is counted from the last successful login. Values for -lockoutthreshold range
from 0 to 999. Setting this parameter to 0 disables the lockout mechanism.
The default value is 0.
-lockoutduration value
Specifies the time, in minutes, after which a previously locked account
automatically unlocks. lockoutduration values range from 0 to 99999. The
default value is 30. Setting this parameter to 0 disables lockout duration,
requiring an administrative action to unlock the account. The lockout
duration begins with the first login attempt after the lockout threshold has
been reached. Subsequent failed login attempts do not extend the lockout
period.
--
enableadminlockout
Enables the admin lockout policy and sets the config parameter
"passwdcfg.adminlockout" to 1. If the parameter
"passwdcfg.lockoutthreshold" is set to greater than 0 and Admin Lockout
policy is enabled, then, if the number of failed login attempts from the last
successful login equals the "passwdcfg.lockoutthreshold", the account gets
locked for the "passwdcfg.lockoutduration" duration. The particular account
is unlocked manually using userconfig --change account name-u (requires
root/factory/security admin/admin privileges) or it is automatically unlocked
after "passwdcfg.lockoutduration" duration.
-repeat value
Specifies the length of repeated character sequences that will be disallowed.
For example, if the "repeat" value is set to 3, a password "passAAAword" is
disallowed because it contains the repeated sequence "AAA". A password of
"passAAword" would be allowed because no repeated character sequence
exceeds two characters. The range of allowed values is 1-40.