Filter
Top Products
19-76
Cisco ONS 15454 SDH Procedure Guide, R7.2
October 2007
Chapter 19 DLPs D200 to D299
DLP- D271 Change Node Security Policy on a Single Node
Step 2 If you want to modify the idle user timeout period, click the hour (H) and minute (M) arrows in the Idle
User Timeout area for the security level you want to provision: RETRIEVE, MAINTENANCE,
PROVISIONING, or SUPERUSER ONLY. The idle period time range is 0 and 16 hours, and 0 and 59
minutes. The user is logged out after the idle user timeout period is reached.
Step 3 In the User Lockout area, you can modify the following:
• Failed Logins Before Lockout—The number of failed login attempts a user can make before the user
is locked out from the node. You can choose a value between 0 and 10.
• Manual Unlock by Superuser only—Allows a user with SUPERUSER ONLY privileges to manually
unlock a user who has been locked out from a node.
• Lockout Duration—Sets the amount of time the user will be locked out after a failed login. You can
choose a value between 0 and 10 minutes, and 0 and 55 seconds (in five-second intervals).
Step 4 In the Password Change area, you can modify the following:
• Prevent Reusing Last [ ] Passwords—Choose a value between 1 and 10 to set the number of different
passwords the user must create before they can reuse a password.
• New Password must Differ from the Old Password—Choose the number of characters that must
differ between the old and new password. The default number is 1.
• Cannot Change New Password for [ ] days—If checked, prevents users from changing their
password for the specified period. The range is 20 to 95 days.
• Require Password Change on First Login to New Account—If checked, requires users to change
their password the first time they log into their account.
Step 5 To require users to change their password at periodic intervals, check the Enforce Password Aging check
box in the Password Aging area. If checked, provision the following parameters:
• Aging Period—Sets the amount of time that must pass before the user must change their password
for each security level: RETRIEVE, MAINTENANCE, PROVISIONING, SUPERUSER ONLY.
The range is 20 to 95 days.
• Warning—Sets the number days the user will be warned to change his or her password for each
security level. The range is 2 to 20 days.
Step 6 In the Other area, you can provision the following:
• Single Session Per User—If checked, limits users to one login session at one time.
• Disable Inactive User—If checked, disables users who do not log into the node for the period of time
specified in the Inactive Duration box. The Inactive Duration range is 45 to 90 days.
Step 7 Click Apply.
Step 8 Return to your originating procedure (NTP).