Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Limit the max lifetime based on administrative account

This thread has been viewed 0 times

  • 1.  Limit the max lifetime based on administrative account

    Posted Nov 26, 2012 03:56 AM

    Hi All

     

    Currently, I am fighting on how to limit the max lifetime (duration before expire since first login) based on administrative account.:smileyvery-happy:

    Let say "superadmin" could assign lifetime = 3 months to any users while "admin" could not.

    I try to add one more option "120960 | 3 months" option in guest manager but it seems to be applied to  all administrative account.

     

    So, I try another approach by setting an initial value to expire_postlogin (Customize -> Field) and only allow "superadmin" to add/edit lifetime (Customize -> Forms&View).

    Whenever I assign inital value to expire_postlogin and press Save, following alert comes out

    "Please choose from one of these options" in "Field type" box.

     

    Does anyone have idea?



  • 2.  RE: Limit the max lifetime based on administrative account

    EMPLOYEE
    Posted Nov 26, 2012 05:17 AM

    Each user types requires a different form for this to happen.  Under "Forms and Views" you need to duplicate that create_user"  form, change the "modify_expire_time " (do not edit base field, otherwise you will change it everywhere) to only allow your range of times in a dropdown and then save.  You then go into the specific operator profile for that type of user and click "Override the application’s forms and views" and then you will be able to select that different form for "Create Guest Accounts".