ESTABLISH SYSTEM ACCESS RULES#

The Establish System Access Rules (IMAR) screen allows you to provide different access levels to users. You can control password size and how many times a user can attempt to login to the system.

Data for the Establish System Access Rules screen is stored on the P2K_AM_ACCESS_RULES table.

Accessor Types
There are 5 accessor types, but only three are really used.
  • Identity - for Self Service user
  • User - for the Professional user
  • Candidate - for the Candidate
Please note in the text below, for easy of reading, the term ‘user’ is placed instead of ‘accessor’.
Validation Method
There are three validation methods:
  • Java and SQL are what you should be using at this point.
  • SQL is for the old software
  • Java Version SHA-1 is used if you were only using Java
UMRS cannot be run to reconcile new security set up if using "Java Version SHA-1". If it is launched all user passwords will need to be reset.

Minimum Password Size
This field allows you to determine the minimum amount of characters a user may have in their password. Passwords can be up to 30 varchar in length. You can determine a specific minimum size for each accessor type, so the Professional may need a minimum of 10 characters while the Candidate would need a minimum of only 5. Below this field you have other options for the user’s password:
Must Contain Digit
If this field is toggled, the user's password must contain at least one numerical character. This will be a default toggle, so if you don't want them to have a digit, un-toggle it.
Must Contain Punctuation
If this field is toggled the user's password must contain a special punctuation character.
There is a lexicon called X_BLOCKED_PHRASES which is used as another method of password security that will automatically be enabled to all passwords in the system. The samples provided in the lexicon show the various phrases/wording that cannot be used in passwords.
Track # Prior Passwords
You can control how many times a person can use a prior password. For example, if you set this number to 3, the person would not be able to use the same password until the fourth password change.
Force Password Change Default
This toggle dictates that if a user's password has been changed for them, they must change their password once they come into the system.
Must Contain Both U/L Cases
If this field is toggled the user's password must contain at least 1 Upper and 1 Lower case character.

Password Expires-Dys
This field dictates how often a user has to change their passwords. If you set it to 30, the user will have to change their password every 30 days.
Lock After Expires-Dys
If the user has to change their password after a set amount of days, this field will indicate how many days after that due date the user has before they are locked out of the system. For example, if the Password Expires-Dys is set for 30 and the Lock After Expires-Dys is set for 90, this means that if the user does not log in for 90 days after the password expiry date, they will be locked out of the system. At that point they will need to call their system administrator to be allowed back in.
Login Attempt
This field indicates how many times a user can attempt to login per session. i.e. one login window.
Max Login Attempts
This field is the amount of times a single user can try to log in. Once they surpass that number, they will be locked out of the system until unlocked by an administrator.
IP Lockout Minutes
This field has been deprecated.


Notes #

Click to create a new notes page