000021132 - How to set RSA ACE/Server user password lifetime to greater than 3 years

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021132
Applies ToRSA ACE/Server Administration API
RSA ACE/Server creates use passwords (via host or remote admin) with a death date of current time + 3 years
RSA ACE/Server Administration API can set the password lifetime of a new user to up to 10 years
IssueHow to set RSA ACE/Server user password lifetime to greater than 3 years
ResolutionThe following example RSA ACE/Server Administration API TCL script demonstrates this concept:

#!./tcl-sd

#connect to Server
puts [Sd_ApiInit "" "" 1]

#add user tuser, password "1234" with 10 year lifetime
set tokSerial [Sd_AssignPassword user test tuser /bin/sh 1234 3653 0]
puts "Created password token $tokSerial"

Sd_ApiEnd


NOTE:  password lifetime is a different concept than the System parameter "passwords expire in".  The System parameter controls how long a password can be used until the user is requested to change it during an authentication.  Password lifetime, on the other hand, defines how long before a password must be updated by administrator action.
Legacy Article IDa21121

Attachments

    Outcomes