Dlp-H141 Change The Security Policy On A Single Node - Cisco ONS 15310-MA SDH Procedure Manual

If the removed node was not the only BITS timing source, provision the adjacent nodes to line timing
Step 5
using SDH links (east and west) as timing sources, traceable to the node with external BITS timing. See
the
Return to your originating procedure (NTP).
Step 6

DLP-H141 Change the Security Policy on a Single Node

Purpose
Tools/Equipment
Prerequisite Procedures
Required/As Needed
Onsite/Remote
Security Level
Step 1 In node view, click the Provisioning > Security > Policy tabs.
If you want to modify the idle user timeout period, click the hour (H) and minute (M) arrows in the Idle
Step 2
User Timeout area for the security level you want to provision: RETRIEVE, MAINTENANCE,
PROVISIONING, or SUPERUSER. The idle period time range is 0 and 16 hours, and 0 and 59 minutes.
The user is logged out after the idle user timeout period is reached.
In the User Lockout area, you can modify the following:
Step 3
•
•
•
In the Password Change area, you can modify the following:
Step 4
•
•
•
•
Step 5 To require users to change their password at periodic intervals, check the Enforce Password Aging check
box in the Password Aging area. If checked, provision the following parameters:
•
Cisco ONS 15310-MA SDH Procedure Guide, Release 9.1 and Release 9.2
17-44
"NTP-H23 Set Up Timing" procedure on page
This task changes the security policy for a single node, including idle user
timeouts, user lockouts, password changes, and concurrent login policies.
None
DLP-H29 Log into CTC, page 16-43
As needed
Onsite or remote
Superuser only
Failed Logins Before Lockout—Displays the number of failed login attempts a user can make before
the user is locked out from the node. You can choose a value between 0 and 10.
Manual Unlock by Superuser—Allows a user with Superuser privileges to unlock a user manually
who has been locked out from a node.
Lockout Duration—Sets the amount of time the user will be locked out after a failed login. You can
choose a value between 0 and 10 minutes, and 0 and 55 seconds (in five-second intervals). If you
checked Manual Unlock by Superuser, Lockout Duration is disabled.
Prevent Reusing Last [ ] Passwords—Choose a value between 1 and 10 to set the number of different
passwords the user must create before he or she can reuse a password.
New Password must Differ from the Old Password—Choose the number of characters that must
differ between the old and new password. The default number is 1.
Cannot Change New Password for [ ] days—If checked, prevents users from changing their
password for the specified period. The range is 20 to 95 days.
Require Password Change on First Login to New Account—If checked, requires users to change
their password the first time they log into their account.
Aging Period—Sets the amount of time that must pass before the user must change his or her
password for each security level: RETRIEVE, MAINTENANCE, PROVISIONING, SUPERUSER.
The range is 20 to 95 days.
Chapter 17
3-10.
DLPs H100 to H199
78-19416-01