consoleSecurity

Content Platform Tenant Management Help

Version
9.7.x
File Size
4269 KB
Audience
anonymous
Part Number
MK-95HCPH002-19

The consoleSecurity data type describes the consoleSecurity resource for tenants.

Properties

The table below describes the properties included in the consoleSecurity data type.

Property name Data type Description Notes
automaticUserAccoutUnlockDuration Integer Specifies the amount of time an HCP user account can remain locked. Valid values are integers in the range zero through 999. A value of zero means accounts are never automatically unlocked. The default is 5 minutes.  
automaticUserAccountUnlockSetting boolean Specifies whether the automatic unlock setting is active. True if the setting is active; otherwise, False.  
blockCommonPassword boolean Specifies whether the setting to detect and block known or weak passwords is active.  
blockPasswordReUse boolean Specifies whether the setting to detect and block password reuse is active.  
coolDownPeriodDuration Integer Specifies the amount of time an HCP user account can remain locked due to failed login attempts. Valid values are integers in the range zero through 999. A value of zero means accounts are never automatically unlocked. The default is 5 seconds.  
coolDownPeriodSettings boolean Specifies whether the cool down period setting is active. True if the setting is active; otherwise, False.  
disableAfterAttempts Integer

Specifies the number of times a locally authenticated or RADIUS-authenticated user can enter an incorrect password before the user account is automatically disabled. Valid values are integers in the range zero through 999. The default is five.

A value of zero means accounts are never disabled due to failed login attempts.

If the last locally authenticated user account with the security role is disabled due to failed login attempts and no group accounts have the security role, the user account is reenabled automatically after one hour.
disableAfterInactiveDays Integer

Specifies the number of days an HCP user account can remain inactive before it’s automatically disabled. Valid values are integers in the range zero through 999. The default is 180 days.

A value of zero means accounts are never automatically disabled due to inactivity.

If no group accounts have the security role, the last locally authenticated user account with the security role is not automatically disabled due to inactivity.

forcePasswordChangeDays

Integer

Specifies the number of days after which locally authenticated users are automatically forced to change their passwords. Valid values are integers in the range zero through 999,999. The default is 180 days.

A value of zero means users are never automatically forced to change their passwords.

ipSettings ipSettings Specifies which IP addresses can and cannot access the Tenant Management Console.
loginMessage String Specifies message text to appear on the login page of the Tenant Management Console and Search Console. This text is optional. If specified, it can be up to 1,024 characters long and can contain any valid UTF-8 characters, including white space.
logoutOnInactive Integer Specifies the number of minutes a Tenant Management Console or Search Console session started with an explicit login can be inactive before it times out. Valid values are integers in the range zero through 999. The default is ten.
lowerCaseLetterCount Integer Specifies the number of lowercase letters (a through z). The default is 1.  
minimumPasswordLength Integer Specifies the minimum number of characters for user account passwords. Valid values are integers in the range two through 64. The default is 6.  
numericCharacterCount Integer Specifies the number of numeric characters required. The default is 1.  
passwordCombination boolean Specifies whether the password complexity rules are enforced (for example, length, number of uppercase and lowercase letters).  
passwordContainsUsername boolean Specifies whether the password can contain username. True if the setting is active; otherwise, False.  
passwordReuseDepth Integer Specifies the number of previous passwords remembered. The default is 5.  
specialCharacterCount Integer Specifies the number of Non-alphanumeric characters (for example: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/). The default is 1.  
upperCaseLetterCount Integer Specifies the number of uppercase letters (A through Z). The default is 1.  

Example

Here’s an XML example of the consoleSecurity data type:

<consoleSecurity>
<automaticUserAccountUnlockSetting>false</automaticUserAccountUnlockSetting> 
<automaticUserAccoutUnlockDuration>0</automaticUserAccoutUnlockDuration> 
<blockCommonPassword>false</blockCommonPassword> 
<blockPasswordReUse>false</blockPasswordReUse> 
<coolDownPeriodDuration>5</coolDownPeriodDuration> 
<coolDownPeriodSettings>false</coolDownPeriodSettings> 
<disableAfterAttempts>5</disableAfterAttempts> 
<disableAfterInactiveDays>180</disableAfterInactiveDays> 
<forcePasswordChangeDays>180</forcePasswordChangeDays> 
    <ipSettings> 
	<allowAddresses>  
		<ipAddress>192.168.103.18</ipAddress>
             <ipAddress>192.168.103.24</ipAddress>
             <ipAddress>192.168.103.25</ipAddress>
	</allowAddresses> 
	<lowlfInBothLists>false</lowlfInBothLists> 
	<denyAddresses/> 
    </ipSettings> 
<loginMessage> </loginMessage>
<logoutOnInactive>10</logoutOnInactive> 
<lowerCaseLetterCount>0</lowerCaseLetterCount> 
<minimumPasswordLength>6</minimumPasswordLength> 
<numericCharacterCount>0</numericCharacterCount> 
<passwordcombination>false</passwordcombination> 
<passwordContainsUsername>true</passwordContainsUsername> 
<passwordReuseDepth>4</passwordReuseDepth> 
<specialCharacterCount>0</specialCharacterCount> 
<upperCaseLetterCount>0</upperCaseLetterCount> 
</consoleSecurity>