Users—Authentication Policy—Edit Authentication Policy Dialog Box

Description

Use the Users—Authentication Policy—Edit Authentication Policy dialog box to edit a user account authentication policy maximum login attempts and access window.

Click Settings > User > Authentication Policy. Click the Edit link in the Actions column.

Permissions

Superuser

Dialog Elements

Status drop-down list box—The user account status can be either UNLOCKED (the default) or LOCKED. If a user account status is UNLOCKED, the user can successfully log in to the JUNOScope software by providing a valid username and password. If the account status is LOCKED, the user is denied access to the JUNOScope software, even if the user provides a valid username and password. The “ The user account is currently locked. Please contact the system administrator.” message appears.

Maximum Login Attempts text box—The maximum number of consecutive failure login attempts allowed within the access window for a user. If a user reaches the maximum number of login attempts, the user status automatically becomes LOCKED. This field can have a value from 0 to 100. If the maximum login attempts is 0, the authentication policy for the user will not be active, the user account will be assumed to be UNLOCKED, and the normal login mechanism will be applied. For the JUNOScope administrator (the initially configured user), the user account is always UNLOCKED.

Access Window text boxes—The access window for a user account starts when the first login failure occurs for the user account and runs until one of the following occurs:

• A user successfully logs in. The access window is then reset.

• A user tries unsuccessfully to log in for the maximum number of login attempts. The user account is then LOCKED and the access window is reset.

  The Access Window field can have a minimum value of 0 (for example, all the minute(s), hour(s), and second(s) fields having a value of 0) and a maximum value of 24 hours (for example, the hour(s) field can have a maximum value of 24, while the minute(s) and second(s) fields have a maximum value of 59). The default value is 0.

  However, individually, the hour(s) field can have a value of from 0 to 24, the minute(s) field can have a value of from 0 to 59, and the second(s) field can have a value of from 0 to 59. If the Access Window field is 0, the authentication policy for the user account will not be active, and the normal login mechanism will always be applied for user accounts whose Access Window field is set to 0.

  The timer for the access window starts when an invalid login attempt is made on a user account. If a user account is not locked and no further invalid login attempt is tried for that account, the timer for the access window is automatically reset either after a time period equal to the access window or if the user successfully logs in to JUNOScope within the access window period.

OK button—Saves the user account authentication policy changes.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.