Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
19.2. Viewing Password Policies
There can be multiple password policies configured in IdM. There is always a global policy, which is set when the server is created. Additional policies can be created for groups in IdM.
The UI lists all of the group password policies and the global policy on the Password Policies page.
Using the CLI, both global and group-level password policies can be viewed using the
pwpolicy-show command. The CLI can also display the password policy in effect for a user.
19.2.1. Viewing the Global Password Policy
링크 복사링크가 클립보드에 복사되었습니다!
The global password policy is created as part of the initial IdM server setup. This policy applies to every user until a group-level password policy supersedes it.
The default settings for the global password policy are listed in Table 19.2, “Default Global Password Policy”.
| Attribute | Value |
|---|---|
| Max lifetime | 90 (days) |
| Min lifetime | 1 (hour) |
| History size | 0 (unset) |
| Character classes | 0 (unset) |
| Min length | 8 |
| Max failures | 6 |
| Failure reset interval | 60 |
| Lockout duration | 600 |
19.2.1.1. With the Web UI
링크 복사링크가 클립보드에 복사되었습니다!
- Click the Policy tab, and then click the Password Policies subtab.
- All of the policies in the UI are listed by group. The global password policy is defined by the global_policy group. Click the group link.
- The global policy is displayed.
19.2.1.2. With the Command Line
링크 복사링크가 클립보드에 복사되었습니다!
To view the global policy, simply run the
pwpolicy-show command with no arguments:
19.2.2. Viewing Group-Level Password Policies
링크 복사링크가 클립보드에 복사되었습니다!
19.2.2.1. With the Web UI
링크 복사링크가 클립보드에 복사되었습니다!
- Click the Policy tab, and then click the Password Policies subtab.
- All of the policies in the UI are listed by group. Click the name of the group which is assigned the policy.
- The group policy is displayed.
19.2.2.2. With the Command Line
링크 복사링크가 클립보드에 복사되었습니다!
For a group-level password policy, specify the group name with the command:
19.2.3. Viewing the Password Policy in Effect for a User
링크 복사링크가 클립보드에 복사되었습니다!
A user may belong to multiple groups, each with their own separate password policies. These policies are not additive. Only one policy is in effect at a time and it applies to all password policy attributes. To see which policy is in effect for a specific user, the
pwpolicy-show command can be run for a specific user. The results also show which group policy is in effect for that user.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}