DCE_SECURITY, Admin Intro, rgy_edit, miscellaneous_commands, policy
*Conan The Librarian (sorry for the slow response - running on an old VAX)
|
VMS Help DCE_SECURITY, Admin Intro, rgy_edit, miscellaneous_commands, policy *Conan The Librarian (sorry for the slow response - running on an old VAX) |
|
po[licy] [organization_name] [-al lifespan | forever]
[-pl passwd_lifespan | forever]
[-px passwd_exp_date | none] [-pm passwd_min_length]
[-pa | -pna] [-ps | -pns]
Changes or displays registry standard policy or the policy for an
organization.
Enter organization_name to display or change policy for that
specific organization. If you do not enter organization_name the
subcommand affects standard policy for the entire registry.
The -al option determines the account's lifespan, the period during
which accounts are valid. After this period of time passes, the
accounts become invalid and must be recreated. An account's
lifespan is also controlled by the add and change subcommands -x
option. If the two lifespans conflict, the shorter one is used.
Enter the lifespan in the following in the following format:
weekswdaysdhourshminutesm
For example, 4 weeks and 5 days is entered as 4w5d.
If you enter only a number and no weeks, days, or hours designation,
the designation defaults to hours. If you end the lifepan with a
number and no weeks, days, or hours designation, the number with no
designation defaults to seconds. For example, 12w30 is assumed to be
12 weeks thirty seconds.
The -pl option determines the password lifespan, the period of time
before account's password expires. Generally, users must change
their passwords when the passwords expire. However, the policy to
handle expired passwords and the mechanism by which users change
their passwords are defined for each platform, usually through the
login facility.
Enter passwd_lifespan as a number indicating the number of days.
If you define a password lifespan as forever, the password has an
unlimited lifespan.
The -px option specifies the password expiration date in
yy/mm/dd/hh.mm:ss format. Generally, users must change their
passwords when the passwords expire. However, the policy to
handle expired passwords and the mechanism by which users change
their passwords are defined for each platform, usually through
the login facility.
If you define a password expiration date as none, the password has
an unlimited lifespan.
The -pm, -ps, -pns, -pa, and -pna options all control the format of
passwords as follows:
+ -pm - Specifies the minimum length of passwords in characters.
If you enter 0, no password minimum length is in effect.
+ -ps and -pns - Specify whether passwords can contain all spaces
(-ps) or can not be all spaces (-pns).
+ -pa and -pna - Specify whether passwords can consist of all
alphanumeric characters (-pn) or must include some non-
alphanumeric characters (-pna).
|
|
