Random Password Policy
You can use the Local User Random Password policy to randomly change a local user account password on a pre-defined basis.
To access this page, do the following steps:
1. Click the Tasks tab.
2. In the left pane, navigate to Tasks > Security Management > Local Security > Windows > Local User Tasks.
Item | Description |
---|---|
Enable | Enable the policy. Name Password Policy name. |
Description | Password Policy description. |
Applies To | Click to open the Collection Selector dialog to select the collection you want the policy to apply to.Note – We don't recommend changing the default collection. |
User Account | Select the type of user account the policy applies to:
|
Password Change Interval | Select the interval between password changes. Enter the time and select the format in Seconds, Minutes, Hours, or Days in the drop- down list. |
Password Length | Enter the number of characters to be used for the randomly generated password. |
Password Options | Select the options to be considered for password generation from:
|
Require Client Authorization Change Password Request | Select to enable communication between the Local Security Agent and the Notification Server before the password is changed. This means both the password change request and the change are logged before the change actually occurs. An NSE is then generated which ensures the password change request and subsequent change are never lost. |
Apply | Click to save changes |
Create a new random password policy
To create a new Random Password Policy
- Click the Tasks tab.
- In the left pane, select Tasks > Security Management > Local Security >
Windows > Local User Tasks. - Right-click Sample Random Password Policy for Administrators and select
Clone in the pop-up menu. - In the Clone Item dialog, enter a policy name.
- In the right pane, select the Enable checkbox and enter a policy description in the appropriate field.
- Click Applies To: to open the Collection Selector dialog and select the collection you want the policy to apply to.
- Configure the Password Change Interval, the Password Length, and the
Password Options as required. - (Optional) select Require Client Authorization Change Password Request.
- Click Apply.
IMPORTANT
For every attempted password change, the Local Security Agent verifies whether there is a service using that account. If one is detected, the password change is not performed and an event is logged at the server. The User password change failure report lists all failed password changes. See Reports Tab (page 13).