Sun Microsystems, Inc.
spacerspacer
spacer www.sun.com docs.sun.com |
spacer
black dot
 
 
10.  Administering Principals and Policies (Tasks) Administering Policies How to View a Policy's Attributes  Previous   Contents   Next 
   
 

Example--Viewing a Policy's Attributes

The following example shows the Policy Details panel when you are viewing the test policy.

Example--Viewing a Policy's Attributes (Command Line)

In the following example, the get_policy command of kadmin is used to view the attributes of the enguser policy.

kadmin: get_policy enguser
Policy: enguser
Maximum password life: 2592000
Minimum password life: 0
Minimum password length: 8
Minimum number of password character classes: 2
Number of old keys kept: 3
Reference count: 0
kadmin: quit

The reference count is the number of principals that use this policy.

How to Create a New Policy

An example of the command-line equivalent follows this procedure.

  1. If necessary, start the SEAM Tool.

    See "How to Start the SEAM Tool" for details.

  2. Click the Policies tab.

  3. Click New.

    The Policy Details panel is displayed.

  4. Specify a name for the policy in the Policy Name field.

    The policy name is mandatory.

  5. Specify values for the policy's attributes.

    Choose Context-Sensitive Help from the Help menu for information about the various attributes in this window. Or, go to Table 10-5 for all the policy attribute descriptions.

  6. Click Save to save the policy, or click Done.

Example--Creating a New Policy

In the following example, a new policy called build11 is created. The Minimum Password Classes is set to 3.

Example--Creating a New Policy (Command Line)

In the following example, the add_policy command of kadmin is used to create the build11 policy. This policy requires at least 3 character classes in a password.

$ kadmin
kadmin: add_policy -minclasses 3 build11
kadmin: quit

How to Duplicate a Policy

This procedure explains how to use all or some of the attributes of an existing policy to create a new policy. No command-line equivalent exists for this procedure.

  1. If necessary, start the SEAM Tool.

    See "How to Start the SEAM Tool" for details.

  2. Click the Policies tab.

  3. Select the policy in the list that you want to duplicate, then click Duplicate.

    The Policy Details panel is displayed. All the attributes of the selected policy are duplicated, except for the Policy Name field, which is empty.

  4. Specify a name for the duplicated policy in the Policy Name field.

    The policy name is mandatory. To make an exact duplicate of the policy you selected, click Save and skip to Step 6.

  5. Specify different values for the policy's attributes.

    Choose Context-Sensitive Help from the Help menu for information about the various attributes in this window. Or, go to Table 10-5 for all the policy attribute descriptions.

  6. Click Save to save the policy, or click Done.

How to Modify a Policy

An example of the command-line equivalent follows this procedure.

  1. If necessary, start the SEAM Tool.

    See "How to Start the SEAM Tool" for details.

  2. Click the Policies tab.

  3. Select the policy in the list that you want to modify, then click Modify.

    The Policy Details panel is displayed.

  4. Modify the policy's attributes.

    Choose Context-Sensitive Help from the Help menu for information about the various attributes in this window. Or, go to Table 10-5 for all the policy attribute descriptions.


    Note - You cannot modify a policy's name. To rename a policy, you must duplicate the policy, specify a new name for it, save it, and then delete the old policy.


  5. Click Save to save the policy, or click Done.

Example--Modifying a Policy (Command Line)

In the following example, the modify_policy command of kadmin is used to modify the minimum length of a password to five characters for the build11 policy.

$ kadmin
kadmin: modify_policy -minlength 5 build11
kadmin: quit

How to Delete a Policy

An example of the command-line equivalent follows this procedure.

  1. If necessary, start the SEAM Tool.

    See "How to Start the SEAM Tool" for details.

  2. Click the Policies tab.


    Note - Before you delete a policy, you must cancel the policy from all principals that are currently using it. To do so, you need to modify the principals' Policy attribute. The policy cannot be deleted if any principal is using it.


  3. Select the policy in the list that you want to delete, then click Delete.

    After you confirm the deletion, the policy is deleted.

 
 
 
  Previous   Contents   Next