An administrator can create a password policy for use with
one or more services. For example, you might create a password policy
that specifies a rule that a character can be repeated no more than
three times in a password.
Before you begin
Depending on how your system administrator customized your system, you might not
have access to this task. To obtain access to this task or to have someone complete it for you,
contact your system administrator.
Before
you create a password policy, create one or more service instances
to associate with the password policy. If your policy uses a dictionary
of unwanted terms, create and import the dictionary file also.
About this task
If a password policy exists for all services, other policies
can still be added. However, only a single password policy can be
specified for each service type or each instance of a service type.
A password policy might exist for a service type. Additionally, password
policies might exist for different instances of that service type.
The more specific password policy overrides all others (for example,
a password policy for a Windows service
instance overrides a password policy for the Windows service).
Procedure
- From the navigation tree, select .
- On the Select Password Policies page,
in the Password Policies table, click Create.
- On the Manage Password Policies page,
on the General page, type a name and select a
business unit for your password policy.
Optionally, you
can add information about the scope of the policy, its status, keywords,
a caption, and a description for the password policy.
- Click the Targets page, and then choose
to add all service types or choose one or more specific services to
associate with the policy.
To add one or more services,
complete these steps:
- Click Add.
- On the Add Targets page, type your
search criteria, and then click Search.
- In the Services table, select
one or more services.
- Click OK.
Note: Service type can also be selected as target for password
policy by selecting the target type as Service Type.
- On the Manage Password Policies page,
click the Rules page. Specify the settings for
the password rules that you want to use to determine whether a password
entry is valid.
Note: If password synchronization is enabled,
ensure that password policies do not have any conflicts. When password
synchronization is enabled, IBM Verify Identity Governance combines
policies for all accounts that are owned by the user to determine
the password to be used. If conflicts between password policies occur,
the password might not be set.
- Click OK to save the changes.
- On the Success page, click Close.