|
|
|
The CreatePwdPolicy method creates and configures a password policy.
Syntax
The CreatePwdPolicy method has the following format:
Netegrity::PolicyMgtSession‑>CreatePwdPolicy(pwdPolName, userDir[, pwdPolDesc][, enabledFlag][, entireDirFlag][, path][, class][, allowNestedGroups][, maxLoginFailures][, maxLoginInactive][, expDelay][, expWarningDays][, dicName][, dicMatchLength][, userwait][, pwdSvcRedirect][maxPwdLength][, minPwdLength][, maxPwdRepeatChar][, minPwdAlphaNum][, minPwdAlpha][, minPwdNonAlpha][, minPwdNonPrint][, minPwdNum][, minPwdPunc][, pwdReuseCount][, pwdReuseDelay][, pwdPctDiff][, pwdIgnoreSeq][, profileAttrMatch])
Parameters
The CreatePwdPolicy method accepts the following parameters:
pwdPolName (string)
Specifies the name of the password policy.
userDir (PolicyMgtUserDir object)
Specifies the user directory to which the password policy applies.
pwdPolDesc (string)
(Optional) Specifies the description of the password policy.
enabledFlag (int)
(Optional) Specifies whether the password policy is enabled.
entireDirFlag (int)
(Optional) Specifies whether the password policy applies to the entire LDAP directory or only part of the directory.
Specifies that the password policy applies to the entire LDAP directory.
Specifies that the password policy only applies to part of the LDAP directory.
Note: For part of the LDAP directory, specify the directory path in the path parameter and the class in the class parameter.
path (string)
(Optional) Specifies the part of the directory to which the password policy applies.
Note: Include this parameter when the entireDirFlag parameter is set to 0.
class (string)
(Optional) Specifies the class to which the password policy applies.
Note: Include this parameter when the entireDirFlag parameter is set to 0.
allowNestedGroups (int)
(Optional) Specifies whether the password policy is associated with the nested groups in the LDAP directory.
Note: Include this parameter when the entireDirFlag parameter is set to 0.
maxLoginFailures (int)
(Optional) Specifies the maximum number of login failures allowed before the user's account is disabled.
maxLoginInactive (int)
(Optional) Specifies the maximum number of days of inactivity allowed before the user's password expires.
expDelay (int)
(Optional) Specifies the number of days a password can be unchanged before it expires.
expWarningDays (int)
(Optional) Specifies the number of days in advance to notify the user that the password is due to expire.
dicName (string)
(Optional) Specifies the location of the dictionary file that lists the words that cannot be used in a password.
dicMatchLength (int)
(Optional) Specifies the minimum number of letters required for dictionary checking.
userwait (int)
(Optional) Specifies the number of minutes an account is disabled before the account is enabled and the user is allowed to attempt logging in again.
pwdSvcRedirect (string)
(Optional) Specifies the URL where the user is redirected when an invalid password is entered.
Note: This must be the URL of the Password Services CGI.
maxPwdLength (int)
(Optional) Specifies the maximum length of a user password.
Note: This value must be greater than the value specified by the parameter minPwdLength.
minPwdLength (int)
(Optional) Specifies the minimum length of a user password.
maxPwdRepeatChar (int)
(Optional) Specifies the maximum number of identical characters that can appear consecutively in a password.
minPwdAlphaNum (int)
(Optional) Specifies the minimum number of alphanumeric characters (A-Z, a-z, 0-9) that a password must contain.
minPwdAlpha (int)
(Optional) Specifies the minimum number of alphabetic characters (A-Z, a-z) that a password must contain.
minPwdNonAlpha (int)
(Optional) Specifies the minimum number of non-alphanumeric characters that a password must contain.
Note: The following are examples of non-alphanumeric characters: "@", "$", and "*".
minPwdNonPrint (int)
(Optional) Specifies the minimum number of non-printable characters that a password must contain.
Note: Non-printable characters are not displayed on a computer screen.
minPwdNum (int)
(Optional) Specifies the minimum number of numeric characters (0-9) that a password must contain.
minPwdPunc (int)
(Optional) Specifies the minimum number of punctuation marks that a password must contain.
Note: Punctuation marks include periods, commas, exclamation points, slashes, hyphens, and dashes.
pwdReuseCount (int)
(Optional) Specifies the number of new passwords that must be used before an old one can be reused.
pwdReuseDelay (int)
(Optional) Specifies the number of days a user must wait before reusing a password.
pwdPctDiff (int)
(Optional) Specifies the percentage of characters contained in a new password that must differ from the characters in the previous password.
Note: A value of 100 specifies that the new password cannot contain any of the characters in the previous password. For more information, see the parameter pwdIgnoreSeq.
pwdIgnoreSeq (int)
(Optional) Specifies whether character position is ignored when the new password is compared to the previous password and the percentage of characters that are different is calculated.
Specifies that character sequence is ignored.
Specifies that character sequence is considered.
Example: If the character "c" is in both the new and previous passwords, but its position in each password is different, then it is considered to be two different characters when the percentage is calculated.
profileAttrMatch (int)
(Optional) Specifies that the minimum character sequence that SiteMinder checks when checking the password against attributes in the user's directory entry.
Return Value
The CreatePwdPolicy method returns one of the following values:
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |