4.1.8 Customizing conditions for weak passwords

(1) Applying the definition to new agents to be installed

Create a password definition file (named jdng_security.xml) containing the code shown in (3) Settings in jdng_security.xml by using a text editor.

Click the Create Agent Installer button in the line of Agent Configuration Name which you want to apply a password definition file, under the Windows Agent Configurations and Create Agent Installers in the Settings module.

In the Create Agent Installer dialog box that appears, click the Add button in Files to Be Deployed Settings under Agent Installer Configuration Items and specify the following information:

File to Be Deployed: jdng_security.xml

Expand Folder: Select %ITDM2AGT%\conf from the drop-down list.

To Page Top

(2) Applying the definition to existing environments

For agent management:

Create a password definition file (named jdng_security.xml) containing the code shown in (3) Settings in jdng_security.xml by using a text editor. Place the definition file in the JP1/IT-Desktop-Management-2-Agent-installation-folder\jp1itdma\conf folder.

For agentless management:

Create a password definition file (named jdng_security.xml) containing the code shown in Settings in jdng_security.xml by using a text editor. Place the definition file in the JP1/IT-Desktop-Management-2-Manager-installation-folder\bin\miniagent folder.

Note that the definition file is not applied to agentless computers for which the search is already completed. You must place the definition file before the search is performed.

To Page Top

(3) Settings in jdng_security.xml

jdng_security.xml contains information in XML format. Installing an agent deploys the XML file containing the following code:

<?xml version="1.0" encoding="UTF-8"?> <Security CreationDate="2009-04-03T00:00:00.000Z"> <PasswordCheck> <NoPassword>1</NoPassword> <UserAccount>15</UserAccount> <ComputerName>7</ComputerName> <Password>password</Password> <Password>PASSWORD</Password> <Password>Password</Password> <Password>admin</Password> <Password>ADMIN</Password> <Password>Admin</Password> <Password>administrator</Password> <Password>ADMINISTRATOR</Password> <Password>Administrator</Password> </PasswordCheck> </Security>

You can edit element contents in the <Security> and <PasswordCheck> elements to customize conditions to determine whether a password is weak.

Element	Description	Value	Default
NoPassword	Specify whether to check for a blank password. When any value other than 0 or 1 is specified, the system checks for a blank password.	0: Checks for a blank password. 1: Does not check for a blank password.	1
UserAccount	Specify how to determine whether a password includes the user account. Specify the sum (from 1 to 15) of the values of check items that you want. When a negative value, blank, or value exceeding the maximum value is specified, the system checks all items.	0: Does not check. 1: Checks if all characters are in lowercase. 2: Checks if all characters are in uppercase. 4: Checks if only the first character is in uppercase. 8: Checks for an exact match with the user account.	15
ComputerName	Specify how to determine whether a password includes the computer name. Specify the sum (from 1 to 7) of the values of check items that you want. When a negative value, blank, or value exceeding the maximum value is specified, the system checks all items.	0: Does not check. 1: Checks if all characters are in lowercase. 2: Checks if all characters are in uppercase. 4: Checks if only the first character is in uppercase.	7
Password	Specify keywords to check whether any of the keywords is used as a password.	Any keyword	password PASSWORD admin ADMIN Admin administrator ADMINISTRATOR Administrator

The following example disables the password check:

<?xml version="1.0" encoding="UTF-8"?> <Security CreationDate="2009-04-03T00:00:00.000Z"> <PasswordCheck> <NoPassword>0</NoPassword> <UserAccount>0</UserAccount> <ComputerName>0</ComputerName> </PasswordCheck> </Security>

To Page Top