KB-126928: Configuring account policies

Configuring account policies

You have the option to configure login criteria, user rights, passwords, and rules in the Account policies dialog. In the toolbar, click on Account policies.

Image: Account policies dialog

  • In the Authorization tab, you can select from the following options:
    • Authorization by access management
    • Authorization is granted by entering the password that has been set in octoplant.
    • Authorization via operating system
    • Authorization is granted by the domain password.

Note

This setting is only available for users that were synchronized using the Active Directory. – Authorization by operating system and access management – Authorization can be done using both methods. The user can log in using the password set in octoplant or the domain password. – There is the option to activate using Single Sign-On (SSO). Check the checkbox located under Additional options.

Note

When the user attempts to log in for the first time, a message will appear stating that the server offers Single Sign-On and will ask if the user wants to use this feature. –Image: Dialog for activating Single Sign-On

– – In the Password tab, you can specify a time limit for the password, the number of entries in the password history, as well as a random or specific password as the default password for new or reset accounts. You can also specify whether the password must be changed by the user upon first login. – In the Password policy tab, you can set a minimum number of characters as well as the complexity of the password.

Note

If the password you enter does not meet these specifications, a warning

  • ResourcesImages_sharedIconsIcon_Warnung.png
  • will be displayed. You can still, however, change the password as desired.
  • In the Block account tab, you specify whether accounts are to be blocked and according to which rules.
  • In the Deleted users tab, you can specify whether user data for the deleted accounts should be anonymized. This means that the full name of the user (not the username), the email address, and phone number, as well as the stored comment from an account, will be deleted from the database. The user name itself can also be deleted via a separate checkbox. You can anonymize all previously deleted user accounts using the corresponding button.

Note

This step is irreversible.

  • If you want to allow or disallow users to be able to login locally (without a connection to the server), check or clear the corresponding checkbox in the Miscellaneous tab.

Last update: September 15, 2023

Related Articles

IMPRINT | PRIVACY POLICY | COOKIE POLICY

Privacy Preference Center