- Notes, cautions, and warnings
- Additional resources
- Introduction
- Manage the System
- Configure general system settings
- Configure system information
- Manage software versions
- View faulted storage resources
- Upgrade the system
- Manage security settings
- Manage system time
- Manage schedule time zone
- Manage support configuration and proxy server settings
- Manage support contracts
- Manage Centralized ESRS
- Manage SupportAssist (physical deployments only)
- Manage Connect Home
- Manage user roles
- Manage user accounts
- Manage user account settings
- Manage support credentials
- Manage system limits
- View installed feature licenses
- View and accept the End User License Agreement
- Manage remote logging
- Manage system certificates
- Manage snapshot protection schedules
- Manage task rules
- Manage jobs
- Manage job step
- Configure Network Communication
- Manage NAS servers
- Manage VLANs
- Manage tenants
- Manage CIFS Servers
- Manage NFS servers
- Manage Common Anti Virus Agent (CAVA)
- Manage Events Publishing configuration settings
- Manage CEPA pool configuration settings
- Manage VMware NAS protocol endpoint servers
- Manage reverse CHAP for mutual CHAP authentication
- Set up iSNS for iSCSI storage
- Manage iSCSI configuration
- Manage iSCSI nodes (servers)
- Manage Ethernet ports
- Manage SAS ports (physical deployments only)
- Manage FC ports
- Manage uncommitted ports
- Manage Management network interfaces
- Manage network interfaces
- Manage static IP routes
- Manage link aggregations
- Manage Fail-safe networking (physical deployments only)
- Manage DNS settings
- Manage NTP server settings
- Manage NIS server domains
- Manage SMTP server settings
- Manage NDMP server settings
- Manage LDAP settings
- Utility commands
- Manage Distributed Hierarchical Storage Management
- Manage DHSM Connection
- Manage the tie breaker node (dual-SP virtual deployments only)
- Manage a tie breaker node configuration (dual-SP virtual deployments only)
- Manage Hosts
- Manage host configurations
- Manage host LUNs
- Manage host groups
- Manage host initiators
- Manage host initiator paths
- Manage iSCSI CHAP accounts for one-way CHAP authentication
- Manage iSCSI connections
- Manage iSCSI connection paths
- Manage remote storage systems
- Create remote system configurations
- Verify settings for remote storage systems
- View settings for remote storage systems
- Change settings for remote storage systems
- Delete remote system configurations
- Cabinet level unplanned failover of replication sessions
- Pause replication sessions
- Resume replication sessions
- Manage VMware vCenter
- Manage ESXi hosts
- Virtual machine
- VM hard disk
- Manage Hardware Components
- Manage Storage Processor (SP)
- Manage disk
- Manage battery (physical deployments only)
- Manage power supply (physical deployments only)
- Manage link control card (LCC) (physical deployments only)
- Manage SSD (physical deployments only)
- Manage disk array enclosure (DAE)
- Manage disk processor enclosure (DPE)
- Manage memory module (physical deployments only)
- Manage System Status Card (physical deployments only)
- Manage fan modules (physical deployments only)
- Manage I/O modules, embedded modules, and 4-port cards (physical deployments only)
- Manage Storage
- Configure pools automatically
- Configure custom pools
- Manage pool tiers
- View pool resources
- Manage FAST VP general settings
- Manage FAST Cache (supported physical deployments only)
- Manage FAST Cache storage objects (physical deployments only)
- View storage profiles (physical deployments only)
- Manage drive groups (physical deployments only)
- Manage storage system capacity settings
- Manage system tier capacity settings
- Manage file systems
- Manage user quotas for file systems and quota trees
- Manage quota trees
- Manage quota settings
- Manage NFS network shares
- Manage SMB network shares
- Manage LUNs
- Manage consistency groups
- Manage VMware NFS datastores
- Manage VMware VMFS datastores
- Manage VMware protocol endpoints
- Manage vVol datastores
- Manage vVol objects
- Manage capability profiles
- Manage I/O limits
- Manage I/O limit configuration
- Protect Data
- Manage snapshots
- Manage snapshot NFS shares
- Manage snapshot CIFS shares
- Manage replication sessions
- Create replication sessions
- View replication sessions
- Change replication session settings
- Pause replication sessions
- Resume replication sessions
- Manually synchronize replication sessions
- Delete replication sessions
- Fail over replication sessions
- Fail back replication sessions
- Preserve asynchronous replication sessions
- Re-create a replication session
- Manage virtual RecoverPoint appliance CHAP accounts
- Manage Data at Rest Encryption (physical deployments only)
- Manage KMIP support (physical deployments only)
- Data Mobility
- Manage Events and Alerts
- Service the System
- Manage Metrics
- Use Cases
- Pool use cases
- File sharing use cases
- Resource configuration use cases
- Replication configuration use case
- Configure local replication
- Configure asynchronous replication
- Configure synchronous replication
- Create a replication interface
- Create a replication connection
- Create a replication session for block storage
- Create an asynchronous replication session for file storage
- Create a synchronous replication session for file storage
- View replication sessions
- Reference
Dell Unity™ Family Unisphere® Command Line Interface User Guide
Configure user account settings
Configure the user account settings for a STIG-enabled system. If the -enabled option is yes, all other subsequent options can be specified. If the subsequent options are not specified when user account settings -enabled is set to yes, the default-enabled value that is specified below is used. The disabled value for these options when user account settings -enabled is set to no are detailed in the attributes table in Manage user account settings.
NOTE:This command is not valid for systems that do not have STIG enabled.
Format
/user/account/settings set [-enabled {yes | no}] [-passwdMinSize <value>] [-passwdCount <value>] [{-passwdPeriod <value> | -noPasswdPeriod}] [{-maxFailedLogins <value> | -noMaxFailedLogins}] [{-failedLoginPeriod <value> | -noFailedLoginPeriod}] [{-lockoutPeriod <value> | -noLockoutPeriod | -manualUnlock}] [{-sessionIdleTimeout <value> | -noSessionIdleTimeout}] [-defaultAdminLockoutEnabled {yes | no}]| Qualifier | Description |
|---|---|
| -enabled | Specifies whether to enable or disable user account settings. Valid values are:
|
| -passwdMinSize | Specifies the minimum number of characters for a password. Value range is 8-64. If not specified, the user account setting default-enabled value is 15. |
| -passwdCount | Specifies the number of passwords that cannot be reused. Valid range: 3 -12. If not specified, the user account setting default enabled value is 5. |
| -passwdPeriod | Specifies the time period (in days) for which a password is valid before it expires. Value range is
1-180 days. If neither this value nor
-noPasswdPeriod is specified, the user account setting default-enabled value is
60.
NOTE:This setting is not applicable to local admin user accounts.
|
| -noPasswdPeriod | Specifies that the password does not have an expiry period for local user accounts. |
| -maxFailedLogins | Specifies the number of consecutive failed login attempts allowed within the failed login period before the account is locked. Value range is
1-10. If neither this value nor
-noMaxFailedLogins is specified, the user account setting default value is
3.
NOTE:If this option is specified, the
-failedLoginPeriod and
-lockoutPeriod options must also be specified.
|
| -noMaxFailedLogins | Specifies that there is no maximum limit on the number of consecutive failed login attempts.
NOTE:If this option is specified, the
-noFailedLoginPeriod and
-noLockoutPeriod options must also be specified.
|
| -failedLoginPeriod | Specifies the time period (in seconds) during which the failed login attempts are tracked and considered, thus counting toward the maximum failed logins before lockout. Value range is
1-3600 seconds. If neither this value nor
-noFailedLoginPeriod is specified, the user account setting default-enabled value is
900.
NOTE:If this option is specified, the
-maxFailedLogins and
-lockoutPeriod options must also be specified.
If the maximum failed logins are not met during the
Failed login period, the
Maximum failed logins count resets.
|
| -noFailedLoginPeriod | Specifies that the number of consecutive failed login attempts within a given time period is not being tracked.
NOTE:If this option is specified, the
-noMaxFailedLogins and
-noLockoutPeriod options must also be specified.
|
| -lockoutPeriod | Specifies the time period (in seconds) for which an account is locked before the user can attempt to log in again. Value range is
1-86400 seconds. If neither this value nor
-noLockoutPeriod is specified, the user account settings default enabled value is
3600.
NOTE:If this option is specified, the
-maxFailedLogins and
-failedLoginPeriod options must also be specified.
|
| -noLockoutPeriod | Specifies that local user accounts will not be locked due to meeting the number of
-maxFailedLogins within the
-failedLoginPeriod.
NOTE:If this option is specified, the
-noMaxFailedLogins and
-noFailedLoginPeriod options must also be specified.
|
| -manualUnlock | Specifies that the account remains locked until manually unlocked by an administrator. |
| -sessionIdleTimeout | Specifies the time period (in seconds) of idle activity, after which the login session times out. The value range is: 1-3600 seconds. If neither this value nor -noSessionIdleTimeout is specified, the user account settings default enabled value is 600. |
| -noSessionIdleTimeout | Specifies that the session will never time out due to being idle. |
| -defaultAdminLockoutEnabled | Specifies whether account lockout is enabled for admin users. Values are:
|
Example 1
The following command enables the user account settings with all default-enabled values set when transitioning from a disabled state:
uemcli -d 10.0.0.1 -u Local/joe -p MyPassword456! /user/account/settings set -enabled yesStorage system address: 10.0.0.1 Storage system port: 443 HTTPS connection Operation completed successfully.
Example 2
The following command disables the user account settings, which reverts the account settings back to the original values from before the settings were enabled:
uemcli -d 10.0.0.1 -u Local/joe -p MyPassword456! /user/account/settings set -enabled noStorage system address: 10.0.0.1 Storage system port: 443 HTTPS connection Operation completed successfully.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\