4.1.8 Customizing conditions for weak passwords
The strength of a password is displayed in Password Strength under Account Details in OS Security Details. You can use the password definition file (jdng_security.xml) to customize conditions to determine whether a password is weak.
- Organization of this subsection
(1) Applying the definition to new agents to be installed
Create a password definition file (named jdng_security.xml) containing the code shown in (3) Settings in jdng_security.xml by using a text editor.
Click the Create Agent Installer button in the line of Agent Configuration Name which you want to apply a password definition file, under the Windows Agent Configurations and Create Agent Installers in the Settings module.
In the Create Agent Installer dialog box that appears, click the Add button in Files to Be Deployed Settings under Agent Installer Configuration Items and specify the following information:
File to Be Deployed: jdng_security.xml
Expand Folder: Select %ITDM2AGT%\conf from the drop-down list.
(2) Applying the definition to existing environments
- For agent management:
-
Create a password definition file (named jdng_security.xml) containing the code shown in (3) Settings in jdng_security.xml by using a text editor. Place the definition file in the JP1/IT-Desktop-Management-2-Agent-installation-folder\jp1itdma\conf folder.
- For agentless management:
-
Create a password definition file (named jdng_security.xml) containing the code shown in Settings in jdng_security.xml by using a text editor. Place the definition file in the JP1/IT-Desktop-Management-2-Manager-installation-folder\bin\miniagent folder.
Note that the definition file is not applied to agentless computers for which the search is already completed. You must place the definition file before the search is performed.
(3) Settings in jdng_security.xml
jdng_security.xml contains information in XML format. Installing an agent deploys the XML file containing the following code:
<?xml version="1.0" encoding="UTF-8"?> <Security CreationDate="2009-04-03T00:00:00.000Z"> <PasswordCheck> <NoPassword>1</NoPassword> <UserAccount>15</UserAccount> <ComputerName>7</ComputerName> <Password>password</Password> <Password>PASSWORD</Password> <Password>Password</Password> <Password>admin</Password> <Password>ADMIN</Password> <Password>Admin</Password> <Password>administrator</Password> <Password>ADMINISTRATOR</Password> <Password>Administrator</Password> </PasswordCheck> </Security> |
You can edit element contents in the <Security> and <PasswordCheck> elements to customize conditions to determine whether a password is weak.
Element |
Description |
Value |
Default |
---|---|---|---|
NoPassword |
Specify whether to check for a blank password. When any value other than 0 or 1 is specified, the system checks for a blank password. |
0: Checks for a blank password. 1: Does not check for a blank password. |
1 |
UserAccount |
Specify how to determine whether a password includes the user account. Specify the sum (from 1 to 15) of the values of check items that you want. When a negative value, blank, or value exceeding the maximum value is specified, the system checks all items. |
0: Does not check. 1: Checks if all characters are in lowercase. 2: Checks if all characters are in uppercase. 4: Checks if only the first character is in uppercase. 8: Checks for an exact match with the user account. |
15 |
ComputerName |
Specify how to determine whether a password includes the computer name. Specify the sum (from 1 to 7) of the values of check items that you want. When a negative value, blank, or value exceeding the maximum value is specified, the system checks all items. |
0: Does not check. 1: Checks if all characters are in lowercase. 2: Checks if all characters are in uppercase. 4: Checks if only the first character is in uppercase. |
7 |
Password |
Specify keywords to check whether any of the keywords is used as a password. |
Any keyword |
password PASSWORD admin ADMIN Admin administrator ADMINISTRATOR Administrator |
The following example disables the password check:
<?xml version="1.0" encoding="UTF-8"?> <Security CreationDate="2009-04-03T00:00:00.000Z"> <PasswordCheck> <NoPassword>0</NoPassword> <UserAccount>0</UserAccount> <ComputerName>0</ComputerName> </PasswordCheck> </Security> |