Managing Global Security Policy
In the Global Security Policy dialog you specify restrictions for the user passwords of a User Management, for example, the validity period of passwords and case sensitivity. By this way you can adjust the log-on security level of Infor BI products.
To open the dialog, right-click the User Management in the tree and select . Select the check boxes of the restrictions, and select a value, if required.
The password restrictions of the Global Security Policy are active by default. To disable the Global Security Policy, clear the check box Use Global Security Policy. This hides the tab Password Restrictions in the dialog of the user properties:
You can define these password restrictions:
| Restriction | Description |
|---|---|
| Maximum number of failed log-on attempts |
Specifies the number of failed log-on attempts which is allowed before a user account is disabled. With the permission Administer Users and Groups you can reactivate the account: |
| Minimum length | Specifies the minimum number of characters a password must contain. |
| Maximum length | Specifies the maximum number of characters a password may contain. |
| Validity period (in days) |
Specifies the number of days, after which the user must enter a new password. The values refers to the number of days since the last password change. In the User Properties dialog you can specify for each user, whether the password expires. See option Password never expires: |
| Maximum number of character repetitions | Specifies, how many consecutive identical characters a password may have (one: aaba, two: aaab). |
| Number of entries in the password history | Specifies the number of passwords that are stored in the password history. When a user enters a new password it must not be contained in the password history of his account. |
| Case-sensitive | Specifies whether passwords are case-sensitive. |
| Allow user name as password | Specifies, whether the user name may be used as password. |
| Character type restrictions | Specifies, whether passwords must contain at least one character of these types: lower-case letters, upper-case letters, numbers, special characters. Special characters are: !, “, #, $, %, &, ‘, (, ), *, +, ,, -, ., /, :, ;, <, =, >, ?, @, [, \, ], ^, _, `, {, |, }, ~, and spaces. |
-
To manage the Global Security Policy, you require the User Management permission Administer Users and Groups:
-
The administrator can reactivate a disabled user account in the User Properties dialog of the user and thereby reset the number of failed log-on attempts to 0:
- To prevent the account of the last user with administration permissions from being locked, we recommend to create a Windows user with the permission Administer Users and Groups.