Setting Security Provider
A security provider provides the system with security information about user groups and users, as well as checks user passwords for validity.
To select the security provider of the system, on the Navigation Tree, click Rights and Privileges, and select Security Provider.
You can select one of the following options:
-
Active Directory. The system is supported by Active Directory Authentication, which is based on (and integrated with) the security system of Windows NT.
-
Default. The default provider presents an ordinary security model dealing with roles, groups and users, which are kept in the MS database. The default provider does not interact with security systems.
-
Strong password provider. The Strong Password Provider supports the same security model as the default provider, but applies stricter rules to passwords. In particular it supports password history, length limitation and expiration period. If you select this option, you can specify the following settings:
-
Number of passwords stored in the history: The valid values are integers in the range 0 - 100. This value specifies the number of last used passwords that the system remembers for each user. The system does not allow assigning a new password, if it is in the password history. Zero value disables this functionality. The default value is 15.
-
Minimum password length: The valid values are integers in the range 0 - 128. The value specifies the minimum password length. Zero value disables this functionality. The default value is equal to 7.
-
Password age in days: The valid values are integers in the range 0 - 365. The value specifies the number of days after which the password will expire. Zero value disables this functionality. The default value is 30 days.
-
Password must meet complexity requirements: This check box enables validation of complexity requirements for the password. These requirements include the following rules: within the password string user must use at least three characters out of the four types of characters: digits (0-9), upper case alpha characters (A-Z), lower case alpha characters (a-z), and special characters which are pretty much the rest of the keyboard.
-
Force a new user to change the password at first logon: If you select this check box, a user must change the password at the first logon, in case an administrator does not set a password for the user.
Note: All the settings of the Strong Password Provider are global and have effect for all users.
-
Show SSO: Select this check box and the Active Directory option, to enable the user to sign in to the system by clicking the SSO link on the Login page, without having to type the name and password each time.
-
Enable Active Directory Group Lookup: to allow searching and importing user groups on the Importing a User Group page.