PUT /userAccountSettings

Use this method to modify the security settings for the user accounts.

Authentication

Authentication with username and password is required.

Request URL

PUT https://{management_server_IP}/userAccountSettings

Query parameters

None

Request body

Attributes | Required / Optional | Type | Description
InactivityTimeout | Required | Integer | Amount of time, in minutes, that a user session that is established with the Lenovo XClarity Administrator can be inactive before the user is logged off.

If set to 0, the web session never expires.

The default is 1 minute.

LockoutTime | Required | Integer | Minimum amount of time, in minutes, that must pass before a user that was locked out can attempt to log back in again.

If set to 0, the account remains locked until an administrator explicitly unlocks it. A setting of 0 might make your system more exposed to serious denial of service attacks, where deliberate failed login attempts can leave accounts permanently locked.

The default is 60 minutes.

MaxConcurrentSessions | Required | Integer | Maximum number of active sessions for a specific user that is allowed at any given time.

If set to 0, the number of allowed active sessions for a specific user is unlimited.

The default is 3 sessions.

MaximumLoginFailures | Required | Integer | Maximum number of times that a user can attempt to log in with an incorrect password before the user account is locked out. The number specified for the lockout period after maximum login failures determines how long the user account is locked out. Accounts that are locked cannot be used to gain access to the system even if a valid password is provided.

If set to 0, accounts are never locked. The failed login counter is reset to zero after a successful login.

The default is 20 occurrences.

MaximumPasswordExpiration | Required | Integer | Amount of time, in days, that a user can use a password before it must be changed. Smaller values reduce the amount of time for attackers to guess passwords.

If set to 0, passwords never expire.

The default is 90 days.

Note
This value applies only when the user accounts are managed locally on the management server using the internal authentication server. It is not used when the external authentication server is used.
MaximumPasswordLength | Required | Integer | Maximum number of characters that can be used to specify a valid password.

The default is 20 characters.

Note
This value must be equal to or greater than the MinimumPasswordLength and the MinimumDifferentCharacters values.
MinimumChangeTime | Required | Integer | Minimum amount of time, in hours, that must elapse before a user can change a password again after it was previously changed. The value specified for this setting cannot exceed the value specified for the password expiration period.

If set to 0, users can change passwords immediately.

The default is 24 hours.

MinimumDifferentChars | Required | Integer | Minimum number of characters that must be changed between the current password and a new password when the password is changed.

The default is 2 characters.

Note
This value must not exceed the MaximumPasswordLength value.
MinimumPasswordLength | Required | Integer | Minimum number of characters that can be used to specify a valid password.

The default is 8 characters.

Note
This value must not exceed the MaximumPasswordLength value.
PasswordChangeFirstAccess | Required | Boolean | Specifies whether a user is required to change the password when the user logs in to XClarity Administrator for the first time. This can be one of the following values.
  • true. The user must change the password on initial access.
  • false. The user is not required to change the password on initial access.
PasswordExpirationWarningPeriod | Required | Long | Amount of time, in days, before the password expiration date that users begin to receive warnings about the impending expiration of the user password.

If set to 0, users are never warned.

The default is 5 days.

PasswordHistoryDepth | Required | Integer | Minimum number of times that a user must enter a unique password when changing the password before the user can start to reuse passwords.

If set to 0, users can reuse passwords immediately.

The default is 5 occurrences.

SimplePasswordRules | Required | Boolean | This value must be set to false.
MinPasswordComplexityRules | Required | Integer | Number of complexity rules that must be followed when creating a new password.

Rules are enforced starting with rule 1, and up to the number of rules specified. For example, if the password complexity is set to 4, then rules 1, 2, 3 and 4 must be followed. If the password complexity is set to 2, then rules 1 and 2 must be followed.

This can be a value from 0 – 5. The default is 4.

XClarity Administrator supports the following password complexity rules.
  • (1) Must contain at least one alphabetic character, and must not have more than two sequential characters, including sequences of alphabetic characters, digits, and QWERTY keyboard keys (for example, abc, 123, and asd are not allowed).

  • (2) Must contain at least one number (0 - 9).

  • (3) Must contain at least two of the following characters.

    • Uppercase alphabetic characters (A – Z)

    • Lowercase alphabetic characters (a – z)

    • Special characters. Only these characters are supported: ; @ _ ! ' $ & +

  • (4) Must not repeat or reverse the user name.

  • (5) Must not contain more than two of the same characters consecutively (for example, aaa, 111, and ... are not allowed).

If set to 0, passwords are not required to comply with any complexity rules.

The following example modifies user security settings.
{
   "InactivityTimeout": 1440,
   "LockoutTime": 60,
   "MaxConcurrentSessions": 3,
   "MaximumLoginFailures": 20,
   "MaximumPasswordExpiration": 90,
   "MaximumPasswordLength": 20,
   "MinimumChangeTime": 24,
   "MinimumDifferentChars": 2,
   "MinimumPasswordLength": 8,
   "PasswordChangeFirstAccess": false,
   "PasswordExpirationWarningPeriod": 5,
   "PasswordHistoryDepth": 5,
   "SimplePasswordRules": false,
   "MinPasswordComplexityRules": 5
}
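
A pre-flight check for this request body, added here as an example (it is not Lenovo's code): it enforces the cross-attribute constraints from the attribute descriptions and warns on values of 0 that the descriptions say disable a control. The name lint_settings and the comparison of MinimumChangeTime hours against MaximumPasswordExpiration days times 24 are assumptions.

```python
import json

INT_FIELDS = ["InactivityTimeout", "LockoutTime", "MaxConcurrentSessions",
              "MaximumLoginFailures", "MaximumPasswordExpiration", "MaximumPasswordLength",
              "MinimumChangeTime", "MinimumDifferentChars", "MinimumPasswordLength",
              "PasswordExpirationWarningPeriod", "PasswordHistoryDepth",
              "MinPasswordComplexityRules"]
BOOL_FIELDS = ["PasswordChangeFirstAccess", "SimplePasswordRules"]

# Security controls that the attribute descriptions say are switched off by a value of 0.
ZERO_DISABLES = {
    "InactivityTimeout": "web session never expires",
    "LockoutTime": "account stays locked until an administrator unlocks it (DoS exposure)",
    "MaxConcurrentSessions": "unlimited sessions per user",
    "MaximumLoginFailures": "accounts are never locked",
    "MaximumPasswordExpiration": "passwords never expire",
    "PasswordHistoryDepth": "passwords can be reused immediately",
    "MinPasswordComplexityRules": "no complexity rules are enforced",
}

def lint_settings(body):
    """Return (errors, warnings) for a PUT /userAccountSettings request body."""
    # type() rather than isinstance(): bool is a subclass of int in Python.
    errors = [f"{k}: required integer" for k in INT_FIELDS if type(body.get(k)) is not int]
    errors += [f"{k}: required boolean" for k in BOOL_FIELDS if type(body.get(k)) is not bool]
    if errors:  # the cross-field checks below need well-typed values
        return errors, []
    if body["SimplePasswordRules"]:
        errors.append("SimplePasswordRules: must be false")
    if not 0 <= body["MinPasswordComplexityRules"] <= 5:
        errors.append("MinPasswordComplexityRules: must be 0-5")
    for k in ("MinimumPasswordLength", "MinimumDifferentChars"):
        if body[k] > body["MaximumPasswordLength"]:
            errors.append(f"{k}: exceeds MaximumPasswordLength")
    # Assumption: hours are compared with days * 24; skipped when passwords never expire.
    expiry_days = body["MaximumPasswordExpiration"]
    if expiry_days and body["MinimumChangeTime"] > expiry_days * 24:
        errors.append("MinimumChangeTime: exceeds password expiration period")
    warnings = [f"{k}=0: {why}" for k, why in ZERO_DISABLES.items() if body[k] == 0]
    return errors, warnings

# The page's example body, then a constructed variant with three problems.
DOC_EXAMPLE = json.loads("""{"InactivityTimeout": 1440, "LockoutTime": 60,
  "MaxConcurrentSessions": 3, "MaximumLoginFailures": 20, "MaximumPasswordExpiration": 90,
  "MaximumPasswordLength": 20, "MinimumChangeTime": 24, "MinimumDifferentChars": 2,
  "MinimumPasswordLength": 8, "PasswordChangeFirstAccess": false,
  "PasswordExpirationWarningPeriod": 5, "PasswordHistoryDepth": 5,
  "SimplePasswordRules": false, "MinPasswordComplexityRules": 5}""")
CONSTRUCTED_BAD = {**DOC_EXAMPLE, "LockoutTime": 0, "MinimumPasswordLength": 24,
                   "SimplePasswordRules": True}
```

Run lint_settings on the body before sending the PUT; a non-empty error list corresponds to input the server is documented to reject with 400.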

Response codes

Code | Description | Comments
204 | No Content | The request completed successfully, but no response content is returned.
400 | Bad Request | A query parameter or request attribute is missing or not valid, or the operation is not supported. A descriptive error message is returned in the response body.
409 | Conflict | There is a conflict with the current state of the resource. A descriptive error message is returned in the response body.
500 | Internal Server Error | An internal error occurred. A descriptive error message is returned in the response body.

Response body

None