12 configuring global system settings, Configuring system parameters, Configuring system – H3C Technologies H3C Intelligent Management Center User Manual

121

12 Configuring global system settings

The global system settings determine the operation of the TAM system and its services.
Global system settings include:

•

System parameters

•

Password strategy parameters

•

System operation log parameters

•

RSA authentication parameters

•

System configuration validation

Configuring system parameters

System parameters are related to all services in TAM, and must be properly configured to guarantee

normal service operation.
To configure the system parameters:

1.

Click the User tab.

2.

On the navigation tree, select Device User Policy > Service Parameters > System Configuration.
The System Configuration list displays all system configurations.

3.

Click the Configure icon for the System Parameters entry.

4.

Configure the system parameters:

{

Aging Time—Set the time interval at which TAM checks the status of each online user. If the
duration since the Watchdog packet of a user was received exceeds the aging time, TAM
considers that the user is offline and removes the user from the online user list. H3C

recommends that you set the value to at least three times the sending interval for Watchdog

packets.
The sending interval for Watchdog packets is configured on the device. When you add or
modify a device in TAM, if you set the Watchdog field to Not Supported, TAM cannot

automatically clear online users that log in to the device.

{

Max. Authentication Attempts—Set the maximum number of consecutive authentication
attempts permitted for a device user with incorrect passwords. If the maximum authentication

attempts are exceeded, TAM adds the user to the blacklist. Blacklisting an online user does not

affect other logged-in users. However, the blacklisted online user cannot log in to any other

devices. The user is released from the blacklist at 00:00 the next day. If you do not want to

restrict the authentication attempts, set the parameter to zero (0).

{

Cancelled User Lifetime—Specify how long TAM keeps the account information and related
authentication, authorization, and audit logs for a device user in the system after the user is

cancelled. When the time expires, TAM permanently deletes the account information and logs

of the device user.
You can query users that have been cancelled but whose lifetime is not expired by using the
advanced query function for device users and setting the user status to Cancelled. For more

information about the advanced query function, see "

Advanced query

." You can query logs

for cancelled users by using the advanced query function for logs and setting the user status to