Several system settings affect user accounts and logins to the HCP System Management Console and Search Console (for the default namespace only). To view and change these settings, you use the Console Security page in the System Management Console.
To display the Console Security page, in the top-level menu of the System Management Console, select Security ► Console Security.
Roles: To view and change user account and login settings, you need include the security role.
User account and login settings control:
•The number of days after which locally authenticated users are automatically forced to change their passwords. Valid values are integers in the range zero through 999,999. The default is 180 days. A value of zero means users are never automatically forced to change their passwords.
•The consecutive number of times a locally authenticated or RADIUS-authenticated user can enter an incorrect password before the user account is automatically disabled. Valid values are integers in the range zero through 999. The default is five. A value of zero means accounts are never disabled due to failed login attempts.
After a user account is automatically disabled, you need to reenable it manually to allow the user to log in again. For information on doing this, see Modifying a user account.
If the last locally authenticated user account with the security role is disabled due to failed login attempts, it is reenabled automatically after one hour.
•The number of days an HCP user account can remain inactive before it’s automatically disabled. Valid values are integers in the range zero through 999. The default is 180 days. A value of zero means accounts are never automatically disabled due to inactivity.
The last locally authenticated user account with the security role is never automatically disabled due to inactivity.
•The number of minutes a System Management Console or Search Console session can be inactive before it times out. Valid values are integers in the range zero through 999. The default is ten minutes. A value of zero means Console sessions never time out due to inactivity.
If HCP is configured to use Active Directory, domain user sessions always time out after fifteen minutes while using the System Management Console or Search Console. The Active Directory inactivity timer does not reset when you use HCP.
oIf the user explicitly logged in, the Console login page appears.
oIn the case of single sign-on, the Console displays the selected page in the System Management Console or the Simple Search page in the Search Console, as applicable.
Tip: If the HCP system supports AD and has no HCP user accounts, the recommended session timeout interval is eight hours. In this case, AD users should ensure that their screens are set to lock automatically after a short amount of idle time.
•Message text to appear on the login pages of the System Management Console and the Search Console for the default tenant. This text is optional. If specified, it can be up to 1,024 characters long and can contain any valid UTF-8 characters, including white space.
The text you specify appears at the bottom of the login pages. You can use this text, for example, for messages such as “Authorized Users Only” or “Welcome to the Example Corporation HCP System.
•In the Login Settings section:
1.Make the changes you want.
2.Click on Update Settings.
•In the Login Message section:
1.Type the message you want.
2.Click on Update Login Message.
© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.