The following table explains policies that govern authenticating local and domain user accounts.
Encryption Management for Apple FileVault and Encryption Management for Microsoft BitLocker do not require authentication and are not affected by authentication policies. Client, login, password, and authentication policies, or allowing the user to uninstall the Endpoint Encryption agent software only affects the Full Disk Encryption and File Encryption agents.
|
Category |
Policy Name |
Description |
Value Range and Default |
|---|---|---|---|
|
Local Login |
Admin Password |
Specify policies regarding authenticating to the local device only. |
N/A |
|
|
Allowed Character Types |
Specify whether passwords can contain alpha, numeric, special or a combination. |
Alpha, Numeric, Special Default: All |
|
|
Can Contain User Name |
Specify if the user name can be contained in the password. |
Yes, No Default: Yes |
|
|
Consecutive Characters Allowed |
Specify the number of consecutive characters allowed in a password. |
0-255 Default: 3 |
|
|
Minimum Length |
Specify the minimum length allowed for passwords. |
0-255 Default: 6 |
|
|
Password History Retention |
Specify the number of past passwords the user is not allowed to use. |
0-255 Default: 0 |
|
|
Require How Many Characters |
Specify the number of alpha characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Lower Case Characters |
Specify the number of lower case characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Numbers |
Specify the number of numeric characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Special Characters |
Specify the number of special characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Upper Case Characters |
Specify the number of upper case characters that must be used in a password. |
0-255 Default: 0 |
|
Local Login |
Self Help |
Specify the policies that are used for Self Help. |
N/A |
|
|
Number of Questions |
Specify the number of questions required to be answered correctly to authenticate the user. |
1-6 Default: 1 |
|
|
Personal Challenge |
Specify the personal challenge question(s) used for Self Help. |
1-1024 Default: N/A |
|
Local Login |
User Password |
Specify the policies that are used for User Passwords. |
N/A |
|
|
Allowed Character Types |
Specify whether passwords can contain alpha, numeric, special or a combination. |
Alpha, Numeric, Special Default: All |
|
|
Can Contain User Name |
Specify if the user name can be contained in the password. |
Yes, No Default: Yes |
|
|
Change Password Every |
Specify (in days) when to force a user to change their password. |
1-1000000 Default: 60 |
|
|
Consecutive Characters Allowed |
Specify the number of consecutive characters allowed in a password. |
0-255 Default: 3 |
|
|
Minimum Length |
Specify the minimum length allowed for passwords. |
0-255 Default: 6 |
|
|
Password History Retention |
Specify the number of past passwords the user is not allowed to use. |
0-255 Default: 0 |
|
|
Require How Many Characters |
Specify the number of alpha characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Lower Case Characters |
Specify the number of lower case characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Numbers |
Specify the number of numeric characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Special Characters |
Specify the number of special characters that must be used in a password. |
0-255 Default: 0 |
|
|
Require How Many Upper Case Characters |
Specify the number of upper case characters that must be used in a password. |
0-255 Default: 0 |
|
|
User Name Case Sensitive |
Specify if the user name is case sensitive |
Yes, No Default: No |
|
Domain Authentication |
Specify settings for Domain Authentication |
Enable, Disable |
|
|
Active Directory Synchronization |
Specify settings for Active Directory Synchronization |
Enable, Disable |
|
|
|
Distinguished Name |
Optional: Specify the distinguished name of the authentication server. If no Distinguished Name is specified, this will default to the LDAP server Default Naming Convention. |
1-255 Default: N/A |
|
|
User Name |
Specify the user name that will be connected to Active Directory. |
1-255 Default: N/A |
|
|
Password |
Specify the password that will be connected to Active Directory. |
1-255 Default: N/A |
|
|
Domain Name |
NetBIOS name of the domain for Single Sign On. Default is NetBIOS value used by the PolicyServer. |
1-255 Default: N/A |
|
|
Host Name |
Specify the host name. The host name can be a domain name. |
1-255 Default: N/A |
|
|
Port Number |
Optional: 0 = use default. Specifies the port to be used for the connection. If no port number is specified, the LDAP provider uses the default port number. |
0-65535 Default: 0 |
|
Network Login |
Server Type |
Type of server used to authenticate client user requests. |
LDAP, LDAProxy Default: LDAP |
|
|
Remember User Between Login |
Remember last used user name and display it in the authentication screen. |
Yes, No Default: Yes |