Global user settings

Change global settings on the Users and roles menu opens a page that lets you configure user interface session settings affecting all users.

Only users assigned to a role with the “manage users and roles” permission can view or change global user settings.

This page has two tabs: Session management and User security. The following topics describe the fields on each tab.

Session management tab

  • Maximum session length (minutes) – The number of minutes a session can be idle before the system logs off the user.
  • Login retries – The number of times a user can try unsuccessfully to log on to the user interface before the system locks out the user. This is a safeguard against possible efforts by unauthorized users to access the system.
  • Lockout length (minutes) – The interval in minutes that a lockout is in effect. When the lockout expires, the user can try again to log on. If you want to unlock a user immediately see Unlock a blocked user.
  • Allow a user to have concurrent browser sessions – Selecting this allows all users to log on multiple times to the user interface simultaneously. When unchecked, each user can have only a single browser session. If you select this, make sure the maxUserSessions element in the license.xml file in the system conf directory can support many concurrent user sessions.
  • Allow browsers to remember user IDs – Select this to display a checkbox for Remember my user ID on the log-on page. This gives users the option of having their browsers remember their user IDs the next time they log on. Clear the checkbox on the global settings page if you do not want browsers to remember user IDs. After disallowing browsers from remembering user IDs, users may not notice the change until logging on for the second time following the change.

User security tab

Any changes to the password settings take effect the next time a user changes a password.

  • Minimum user ID length – The minimum number of characters allowed for user IDs. A user ID can be any combination of alphanumeric characters and is case sensitive. If you change the minimum user ID length, the new minimum is enforced only for new users. IDs of users who pre-date the change remain valid.
  • Minimum password length – The minimum number of characters allowed for user passwords.
  • Minimum change count before password can be reused – The number of times a user must change a password before a previous password can be re-used. If a value of 0 is used, the minimum change count for password re-use is disabled. This means a minimum change count does not affect password re-use.
  • Elapsed days before password can be reused – The number of days that must pass before a user can re-use a password. If a value of 0 is used, elapsed days before a password can be re-used is disabled. This means a password can be re-used immediately if the minimum change count also is 0.
  • Days password remains valid before it must be reset – The number of days a password is valid before it must be changed. If a value of 0 is used, a password remains valid forever.
  • Elapsed days before disabling an inactive user – The number of days before an inactive user’s account is disabled. A disabled user can be re-activated. If a value of 0 is used, a user remains active forever, regardless how much time has elapsed since the user logged on.
  • Force new users to reset their passwords upon initial logon – Selecting this compels all new users to change their passwords after logging on the first time.
  • Passwords must have at least one upper-case letter and one lower-case letter – Forces users to have at least one upper-case letter and one lower-case letter in passwords. With or without this selected, passwords are case sensitive.
  • Passwords must have at least one number (0 to 9) – Forces users to include at least one number in passwords.
  • Passwords must have at least one special character from the set – Forces users to have at least one special character in their passwords. Type the permitted characters in the special characters allowed field. For example, you can allow characters such as: `~!@#$%^&*()-=[]{}\|;:",.<>?.

Related topics

Related Links