Adding group password policies

Before you begin

Before you add password policy attributes, verify the status of password policy by running apusermgmt list-pwpolicy as described in Listing password policies.

About this task

Group-level policies do not exist by default, you must create them manually. You can add password policies using the add-pwpolicy command.

If you set the --globalrole parameter to Admin, you can create a password policy for the ibmapadmins group.
If you set the --globalrole parameter to User, you can create a password policy for the ibmapusers group.

Note: The ibmapadmins group is above the ibmapusers group.

Example

Adding password policy to the ibmapadmins group:

[root@e1n1~]# apusermgmt add-pwpolicy --globalrole=Admin --minlife=1 --maxlife=1 
--minclasses=4 --minlength=9 --history=2 --maxfail=3 --failinterval=60 --lockouttime=600
Added password policy to group 'ibmapadmins'