|
HP OpenVMS Systemsask the wizard |
|
The Question is: How can I display digital password control features have been implemented. Parameters of particular concern are:PWDMIN - password minimum length, PWDLIFETIME - number of days before a password change is forced, PWDCHANGE - date the password was last chan ged, PASSWORD_HISTORY_LIFETIME and PASSWORD_HISTORY_LIMIT. Are these parameters defined at the system or user level? The Answer is : Please contact your system or site security manager for assistance; the OpenVMS Wizard could assume that you are not the system manager. The PASSWORD_HISTORY_LIFETIME and PASSWORD_HISTORY_LIMIT values are implemented as system executive logical names SYS$PASSWORD_HISTORY_LIFETIME and SYS$PASSWORD_HISTORY_LIMIT. These settings apply to all users on the system. There is no way to set different limits for individual users, and unprivileged users cannot alter these values. If the logical names are defined, you can translate them to discover the lifetime and the limit. If these logical names are not defined, the default lifetime is 365 days and the default limit is 60. PWDMIN, PWDLIFTIME and PWDCHANGE are per-user, and are defined within the system security database. The contents and settings of the system security database can be managed by privileged users with tools such as the AUTHORIZE utility. There is no default mechanism for an unprivileged user to display UAF entries, though the system service sys$getuai can be used to request the details of the user's own UAF record. Example programs using sys$getuai are available. Please see the OpenVMS FAQ for pointers to sources of examples. And please consult with your local system manager, and with the OpenVMS system security documentation.
|