<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/knowledge/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/knowledge/images/favicon.ico" />

<pre>
!!!ESTABLISH SYSTEM ACCESS RULES


The Establish System Access Rules (IMAR) screen allows you to provide different access levels to users. You can control password size and how many times a user can attempt to login to the system.

;Accessor Types: There are 5 accessor types, but only three are really used.
* Identity - for Self Service user
* User - for the Professional user
* Candidate - for the Candidate
Please note in the text below, for easy of reading, the term ‘user’ is placed instead of ‘accessor’
;Validation Method:There are three validation methods:
* Java and Oracle are what you should be using at this point.
* Oracle Forms is for the old software
* Java Version SHA-1 is used if you were only using Java
;Minimum Password Size: This field allows you to determine the minimum amount of characters a user may have in their password. You can determine a specific minimum size for each accessor type, so the Professional may need a minimum of 10 characters while the Candidate would need a minimum of only 5. Below this field you have other options for the user’s password:
;Must Contain Digit: If this field is toggled, the user's password must contain at least one numerical character. This will be a default toggle, so if you don't want them to have a digit, un-toggle it. Must Contain Punctuation
If this field is toggled the user's password must contain a special punctuation character.
;Force Password Change Default: This toggle dictates that if a user's password has been changed for them, they must change their password once they come into the system.
;Password Must Change: If the toggle is on, a password can not be reused until the number of password changes in the “Number of Prior Passwords” field has been exceeded. Pleae note that only one (the last) password change per day will be tracked.
;# Prior Passwords: You can control how many times a person can use a prior password. For example, if you set this number to 3, the person would not be able to use the same password until the fourth password change.
;Password Expires-Dys: This field dictates how often a user has to change their passwords. If you set it to 30, the user will have to change their password every 30 days.
;Lock After Expires-Dys: If the user has to change their password after a set amount of days, this field will indicate how many days after that due date the user has before they are locked out of the system. For example, if the Password Expires-Dys is set for 30 and the Lock After Expires-Dys is set for 90, this means that if the user does not log in for 90 days after the password expiry date, they will be locked out of the system. At that point they will need to call their system administrator to be allowed back in.
;Login Attempt: This field indicates how many times a user can attempt to login per session. i.e. one login window.
;Max Login Attempts: This field is the amount of times a single user can try to log in. Once they surpass that number, they will be locked out of the system until unlocked by an adminstrator.
;IP Lockout: This field has been deprecated.
</pre>