Brocade OS Command Reference Manual Supporting Fabric OS v6.0.0 (53-1000599-01, October 2007)

ManualsBrandsHP ManualsComputer AccessoriesHP DC SAN Director Switch Multiprotocol Extension Blade Option

391

392

393

394

395

396

397

398

399

400

Fabric OS Command Reference 371

53-1000599-01

passwdCfg

-maxpasswordage value

Specifies the maximum number of days that can elapse before a password

must be changed. This is the password expiration period.

-maxpasswordage can be set at 0 to 999. Setting this parameter to 0

disables password expiration. The default value is 0. When -maxpasswordage

is set to a nonzero value, -minpasswordage must be set to a value less than

or equal to -maxpasswordage.

-warning value

Specifies the number of days prior to password expiration that a warning of

password expiration is displayed. The valid range for -warning is 0 to 999. The

default value to 0.

-lockoutthreshold value

Specifies the number of times a user can specify an incorrect password

during login before the account is locked. The number of failed login attempts

is counted from the last successful login.Values for -lockoutthreshold range

from 0 to 999. Setting this parameter to 0 disables the lockout mechanism.

The default value is 0.

-lockoutduration value

Specifies the time, in minutes, after which a previously locked account

automatically unlocks. lockoutduration values range from 0 to 9999. The

default value is 30. Setting this parameter to 0 disables lockout duration,

requiring an administrative action to unlock the account. The lockout

duration begins with the first login attempt after the lockout threshold has

been reached. Subsequent failed login attempts do not extend the lockout

period.

--enableadminlockout

Enables the admin lockout policy and sets the config parameter

"passwdcfg.adminlockout" to 1. If the parameter

"passwdcfg.lockoutthreshold" is set to greater than 0 and Admin Lockout

policy is enabled, then, if the number of failed login attempts from the last

successful login equals the "passwdcfg.lockoutthreshold", the account gets

locked for the "passwdcfg.lockoutduration" duration. The particular account

is unlocked manually using userconfig --change account name-u (requires

root/factory/security admin/admin privileges) or it will automatically get

unlocked after "passwdcfg.lockoutduration" duration.

-repeat value Specifies the length of repeated character sequences that will be

disallowed.For example, if the "repeat" value is set to 3, a password

"passAAAword" is disallowed because it contains the repeated sequence

"AAA". A password of "passAAword" would be allowed because no repeated

character sequence exceeds two characters. The range of allowed values is

1-40.

-sequence value

Specifies the length of sequential character sequences that will be

disallowed. A sequential character sequence is defined as a character

sequence in which the ASCII value of each contiguous character differs by

one. The ASCII value for the characters in the sequence must all be

increasing or all decreasing. For example, if the "sequence" value is set to 3, a