4.1.8 Customizing conditions for weak passwords
The strength of a password is displayed in Password Strength under Account Details in OS Security Details. You can use the password definition file (jdng_security.xml) to customize conditions to determine whether a password is weak.
- Organization of this subsection
(1) Applying the definition to new agents to be installed
Create a password definition file (named jdng_security.xml) containing the code shown in (3) Settings in jdng_security.xml by using a text editor. Then, specify the definition file in Files to Be Deployed Settings under Agent Installer Configuration Items of the installation set for the agents.
File to Be Deployed: jdng_security.xml
Expand Folder: Select %ITDM2AGT%\conf from the drop-down list.
(2) Applying the definition to existing environments
- For agent management:
-
Create a password definition file (named jdng_security.xml) containing the code shown in (3) Settings in jdng_security.xml by using a text editor. Place the definition file in the JP1/IT-Desktop-Management-2-Agent-installation-folder\jp1itdma\conf folder.
- For agentless management:
-
Create a password definition file (named jdng_security.xml) containing the code shown in Settings in jdng_security.xml by using a text editor. Place the definition file in the JP1/IT-Desktop-Management-2-Manager-installation-folder\bin\miniagent folder.
Note that the definition file is not applied to agentless computers for which the search is already completed. You must place the definition file before the search is performed.
(3) Settings in jdng_security.xml
jdng_security.xml contains information in XML format. Installing an agent deploys the XML file containing the following code:
<?xml version="1.0" encoding="UTF-8"?> <Security CreationDate="2009-04-03T00:00:00.000Z"> <PasswordCheck> <NoPassword>1</NoPassword> <UserAccount>15</UserAccount> <ComputerName>7</ComputerName> <Password>password</Password> <Password>PASSWORD</Password> <Password>Password</Password> <Password>admin</Password> <Password>ADMIN</Password> <Password>Admin</Password> <Password>administrator</Password> <Password>ADMINISTRATOR</Password> <Password>Administrator</Password> </PasswordCheck> </Security> |
You can edit element contents in the <Security> and <PasswordCheck> elements to customize conditions to determine whether a password is weak.
Element |
Description |
Value |
Default |
---|---|---|---|
NoPassword |
Specify whether to check for a blank password. When any value other than 0 or 1 is specified, the system checks for a blank password. |
0: Checks for a blank password. 1: Does not check for a blank password. |
1 |
UserAccount |
Specify how to determine whether a password includes the user account. Specify the sum (from 1 to 15) of the values of check items that you want. When a negative value, blank, or value exceeding the maximum value is specified, the system checks all items. |
0: Does not check. 1: Checks if all characters are in lowercase. 2: Checks if all characters are in uppercase. 4: Checks if only the first character is in uppercase. 8: Checks for an exact match with the user account. |
15 |
ComputerName |
Specify how to determine whether a password includes the computer name. Specify the sum (from 1 to 7) of the values of check items that you want. When a negative value, blank, or value exceeding the maximum value is specified, the system checks all items. |
0: Does not check. 1: Checks if all characters are in lowercase. 2: Checks if all characters are in uppercase. 4: Checks if only the first character is in uppercase. |
7 |
Password |
Specify keywords to check whether any of the keywords is used as a password. |
Any keyword |
password PASSWORD admin ADMIN Admin administrator ADMINISTRATOR Administrator |
The following example disables the password check:
<?xml version="1.0" encoding="UTF-8"?> <Security CreationDate="2009-04-03T00:00:00.000Z"> <PasswordCheck> <NoPassword>0</NoPassword> <UserAccount>0</UserAccount> <ComputerName>0</ComputerName> </PasswordCheck> </Security> |