Cisco Systems CSACS3415K9 Manual De Usuario
8-10
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Chapter 8 Managing Users and Identity Stores
Managing Internal Identity Stores
Step 3
In the Advanced tab, enter the values for the criteria that you want to configure for your user
authentication process.
authentication process.
describes the fields in the Advanced tab.
Password may not contain the username
Whether the password may contain the username or reverse username.
Password may not contain ‘cisco’
Check to specify that the password cannot contain the word cisco.
Password may not contain
Check to specify that the password does not contain the string that you enter.
Password may not contain repeated
characters four or more times consecutively
characters four or more times consecutively
Check to specify that the password cannot repeat characters four or more times
consecutively.
consecutively.
Password must contain at least one character of each of the selected types
Lowercase alphabetic characters
Password must contain at least one lowercase alphabetic character.
Upper case alphabetic characters
Password must contain at least one uppercase alphabetic character.
Numeric characters
Password must contain at least one numeric character.
Non alphanumeric characters
Password must contain at least one nonalphanumeric character.
Table 8-3
Advanced Tab
Options
Description
Account Disable
Supports account disablement policy for internal users.
Never
Default option where accounts never expire. All internal users who got disabled
because of this policy, are enabled if you select this option.
because of this policy, are enabled if you select this option.
Disable account if Date exceeds
Internal user is disabled when the configured date exceeds. For example, if the
configured date is 28th Dec 2010, all internal users will be disabled on the
midnight of 28th Dec, 2010.
configured date is 28th Dec 2010, all internal users will be disabled on the
midnight of 28th Dec, 2010.
The configured date can either be the current system date or a future date. You
are not allowed to enter a date that is earlier than the current system date.
are not allowed to enter a date that is earlier than the current system date.
All the internal users who get disabled due to Date exceeds option are enabled
according to the configuration changes made in the Date exceeds option.
according to the configuration changes made in the Date exceeds option.
Disable account if Days exceed
Internal user is disabled when the configured number of days exceed. For
example, if the configured number of days to disable the account of a user is 60
days, that particular user will be disabled after 60 days from the time account
was enabled.
example, if the configured number of days to disable the account of a user is 60
days, that particular user will be disabled after 60 days from the time account
was enabled.
Disable account if Failed Attempts Exceed Internal user is disabled when the successive failed attempts count reaches the
configured value. For example, if the configured value is 5, the internal user will
be disabled when the successive failed attempts count reaches 5.
be disabled when the successive failed attempts count reaches 5.
Reset current failed attempts count on
submit
submit
If selected, failed attempts counts of all the internal users is set to 0.
All internal users who were disabled because of Failed Attempts Exceed option
are enabled.
are enabled.
Password History
Table 8-2
Password Complexity Tab (continued)
Option
Description