Library /sys$common/syshlp/HELPLIB.HLB  —  DCE  DCE_SECURITY, Admin Intro, rgy_edit, miscellaneous_commands, policy
 po[licy] [organization_name] [-al lifespan | forever]
          [-pl passwd_lifespan | forever]
          [-px passwd_exp_date | none] [-pm passwd_min_length]
          [-pa | -pna] [-ps | -pns]

 Changes or displays registry standard policy or the policy for an
 organization.

 Enter organization_name to display or change policy for that
 specific organization.  If you do not enter organization_name the
 subcommand affects standard policy for the entire registry.

 The -al option determines the account's lifespan, the period during
 which accounts are valid.  After this period of time passes, the
 accounts become invalid and must be recreated.   An account's
 lifespan is also controlled by the add and change subcommands -x
 option.  If the two lifespans conflict, the shorter one is used.
 Enter the lifespan in the following in the following format:

       weekswdaysdhourshminutesm

 For example, 4 weeks and 5 days is entered as 4w5d.

 If you enter only a number and no weeks, days, or hours designation,
 the designation defaults to hours.  If you end the lifepan with a
 number and no weeks, days, or hours designation, the number with no
 designation defaults to seconds.  For example, 12w30 is assumed to
 be 12 weeks thirty seconds.

 The -pl option determines the password lifespan, the period of time
 before account's password expires. Generally, users must change
 their passwords when the passwords expire. However, the policy to
 handle expired passwords and the mechanism by which users change
 their passwords are defined for each platform, usually through the
 login facility.

 Enter passwd_lifespan as a number indicating the number of days.
 If you define a password lifespan as forever, the password has an
 unlimited lifespan.

 The -px option specifies the password expiration date in
 yy/mm/dd/hh.mm:ss format. Generally, users must change their
 passwords when the passwords expire. However, the policy to
 handle expired passwords and the mechanism by which users change
 their passwords are defined for each platform, usually through
 the login facility.

 If you define a password expiration date as none, the password has
 an unlimited lifespan.

 The -pm, -ps, -pns, -pa, and -pna options all control the format of
 passwords as follows:

   +  -pm - Specifies the minimum length of passwords in characters.
      If you enter 0, no password minimum length is in effect.

   +  -ps and -pns - Specify whether passwords can contain all spaces
      (-ps) or can not be all spaces (-pns).

   +  -pa and -pna - Specify whether passwords can consist of all
      alphanumeric characters (-pn) or must include some non-
      alphanumeric characters (-pna).
Close Help