The options for user-account management rules are described below.
- Log user out if inactive more than (minutes)
- Number of consecutive minutes an HCP S Series Management Console session can be idle before it automatically ends. Valid values are 0 and integers in the range 5 through 720. On a new S Series Node, the default is 10.
- A value of 0 disables this option, meaning that Console sessions never automatically end due to inactivity.
- Prevent retry after failed login for (seconds)
- Number of seconds during which a user account cannot be used to log in to the HCP S Series Management Console after each failed login attempt with that account. Valid values are integers in the range 0 through 300. On a new S Series Node, the default is 5.
- A value of 0 disables this option, meaning that user accounts can be used in new login attempts without any delay after failed login attempts.
- Disable user account after failed login attempts
- Number of consecutive times a user can try to access the S Series Node with an incorrect or missing password before the applicable user account is automatically disabled. This limit takes into account both attempts to log in to the HCP S Series Management Console and attempts to access the S Series Node through the HCP S Series management API.
- Valid values are 0 and integers in the range 3 through 99. On a new S Series Node, the default is 5.
- A value of 0 disables this option, meaning that user accounts are not automatically disabled due to failed login attempts.
- When a user account is re-enabled after being disabled due to failed login attempts, the count of failed login attempts starts again from zero.
- The last user account with the security role is never automatically disabled due to failed login attempts.
- Automatically re-enable user account after (minutes)
- Number of minutes until a user account is automatically re-enabled after being disabled due to consecutive failed login attempts. Valid values are integers in the range 0 through 60. On a new S Series Node, the default is 60.
- A value of 0 disables this option, meaning that user accounts are not automatically re-enabled after being disabled due to consecutive failed login attempts. In this case, the affected user accounts must be re-enabled manually.
- Disable user account if inactive more than (days)
- Number of consecutive days a user account can be unused before it is automatically disabled. Valid values are integers in the range 0 through 999. On a new S Series Node, the default is 180.
- A value of 0 disables this option, meaning that user accounts are never automatically disabled due to inactivity.
- The last user account with the security role is never automatically disabled due to inactivity.