Managing password policies, Creating a password policy, Displaying password attributes – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual

Page 226

Advertising

194

Network OS NETCONF Operations Guide

53-1003231-02

Password policies

Managing password policies

Configure the <password-attributes> node in the urn:brocade.com:mgmt:brocade-aaa namespace
to define or modify existing password policies.

Creating a password policy

The following example defines a password policy that places restrictions on minimum length and
enforces character restrictions and account lockout.

1. Issue the <edit-config> RPC to configure the <password-attributes> node in the

urn:brocade.com:mgmt:brocade-aaa namespace.

2. Under the <password-attributes> node, provide the elements that define the policy.

The following example defines a password policy that requires passwords to be at least eight
characters long, contain at least two lowercase characters, at least one uppercase character, at
least one numeric character, and at least one special character. The policy also enforces lockout
after four attempts to enter the password. The <admin-lockout-enable> node enables the lockout
policy for admin role accounts.

?xml version="1.0" encoding="UTF-8"?>

<edit-config>

</target>

<password-attributes xmlns="urn:brocade.com:mgmt:brocade-aaa">

<min-length>8</min-length>

<max-retry>4</max-retry>

<character-retriction>

<special-char>1</special-char>

</admin-lockout-enable>

</character-restriction>

</password-attributes>

</config>

</edit-config>

</rpc>

<rpc-reply message-id="822" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">

<ok/>

</rpc-reply>

Displaying password attributes

To retrieve the current password policy, issue the <edit-config> RPC with a subtree filter to return
only information under the <password-attributes> node in the urn:brocade.com:mgmt:brocade-aaa
namespace.

<?xml version="1.0" encoding="UTF-8"?>

Advertising