Brocade Fabric OS Command Reference Manual Supporting Fabric OS v7.0.0 (April 2011)
550 Fabric OS Command Reference
53-1001764-01
passwdCfg
22
-maxpasswordage value
Specifies the maximum number of days that can elapse before a password must
be changed. This is the password expiration period. -maxpasswordage can be
set at 0 to 999. Setting this parameter to 0 disables password expiration. The
default value is 0. When -maxpasswordage is set to a nonzero value,
-minpasswordage must be set to a value less than or equal to
-maxpasswordage.
-warning value
Specifies the number of days prior to password expiration that a warning of
password expiration is displayed. The valid range for -warning is 0 to 999. The
default value to 0.
-lockoutthreshold value
Specifies the number of times a user can specify an incorrect password during
login before the account is locked. The number of failed login attempts is counted
from the last successful login. Values for -lockoutthreshold range from 0 to 999.
Setting this parameter to 0 disables the lockout mechanism. The default value is
0.
-lockoutduration value
Specifies the time, in minutes, after which a previously locked account
automatically unlocks. lockoutduration values range from 0 to 99999. The
default value is 30. Setting this parameter to 0 disables lockout duration, requiring
an administrative action to unlock the account. The lockout duration begins with
the first login attempt after the lockout threshold has been reached. Subsequent
failed login attempts do not extend the lockout period.
--enableadminlockout
Enables the admin lockout policy and sets the config parameter
"passwdcfg.adminlockout" to 1. If the parameter "passwdcfg.lockoutthreshold" is
set to greater than 0 and Admin Lockout policy is enabled, then, if the number of
failed login attempts from the last successful login equals the
"passwdcfg.lockoutthreshold", the account gets locked for the
"passwdcfg.lockoutduration" duration. The particular account is unlocked
manually using userconfig --change account_name -u or it is automatically
unlocked after "passwdcfg.lockoutduration" duration.
-repeat value
Specifies the length of repeated character sequences that will be disallowed. For
example, if the "repeat" value is set to 3, a password "passAAAword" is disallowed
because it contains the repeated sequence "AAA". A password of "passAAword"
would be allowed because no repeated character sequence exceeds two
characters. The range of allowed values is 1 to 40.
-sequence value
Specifies the length of sequential character sequences that will be disallowed. A
sequential character sequence is defined as a character sequence in which the
ASCII value of each contiguous character differs by one. The ASCII value for the
characters in the sequence must all be increasing or all decreasing. For example,
if the "sequence" value is set to 3, a password "passABCword" is disallowed
because it contains the sequence "ABC". A password of "passABword" would be
allowed because no repeated character sequence exceeds two characters. The
range of allowed values is 1 to 40. The default value is 1.
--disableadminlockout
Disables the admin lockout policy if already enabled and sets the config
parameter "passwdcfg.adminlockout" to 0. By default, admin lockout policy is
disabled.