The SEOS class controls the behavior of the native local security system.
The class contains only one record, called SEOS, which specifies general native security options. To view or change the status of SEOS class properties, use the setoptions command.
The following definitions describe the properties contained in this class record. Most properties are modifiable and can be manipulated using selang or the administration interfaces. Non-modifiable properties are marked informational.
Specifies which detected authorized and unauthorized events are audited.
Specifies whether to audit each instance of a user logging on to or logging off from another computer in which this computer is used to validate the account.
Specifies whether to audit each event of account management on a computer. Examples of account management events include:
Specifies whether to audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) defined.
Specifies whether to audit each instance of a user logging on to or logging off from a computer.
Specifies whether to audit the event of a user accessing an object. For example, a file, folder, registry key, printer, and so on, that has its own system access control list (SACL) defined.
Specifies whether to audit every incident of a change to user rights assignment policies, audit policies, or trust policies.
Specifies whether to audit each instance of a user exercising a user right.
Specifies whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access.
Specifies whether to audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log.
Defines the number of unique new passwords that have to be associated with a user account before an old password can be reused.
Limits: An integer between 1 and 24. If you specify zero, no passwords are saved.
Defines the period of time (in days) that a password can be used before the system requires the user to change it.
Defines the period of time (in days) that a password must be used before the user can change it.
Defines the least number of characters that a password for a user account may contain.
Defines the number of failed logon attempts that causes a user account to be locked out.
Defines the number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|