1. EAGLE LNP Application Processor Administration and LNP Feature Activation Guide
  2. ELAP Graphical User Interface
  3. ELAP GUI Menus
  4. User Administration Menu

4.2.7 User Administration Menu

The User Administration menu allows the user to perform various platform tasks, including administering users and groups, terminating active sessions, and modifying system defaults. The user interface allows for many users with multiple and varied configurations of permissions. It is designed for convenience and ease of use while supporting complex user set-ups where required.

Figure 4-36 User Administration Menu


img/c_user_administration_menu_elapgui_elapadmin-fig1.jpg

When a user successfully logs into the UI , he is considered to have a session open. These rules apply to session management and security.

  • Idle Port Logout: If no messages are exchanged with the UI client session for a configurable amount of time, the session is automatically closed on the server side. The default length of the timeout is a system-wide value, configurable by the administrator. The administrator can also set a different timeout length for an individual user, if desired.
  • Multiple Sessions per User: The administrator can turn off multiple sessions allowed per user on a global system-wide basis.
  • Revoke/Restore User: The administrator can revoke a userid. A revoked userid remains in the database but can no longer log in. Likewise, the administrator can restore a userid that was previously revoked.
  • Manage Unused UserIDs: The ELAP UI automatically revokes userids that are not accessed within a specified number of days. The number of days is a system-wide value that is definable by the administrator.
  • Login Tracking: When a user successfully logs in, the UI displays the time of the last successful login and the number of failed login attempts for that userid.
  • Intrusion Alert: When the number of successive failed login attempts from a specific IP address reaches 5 (five), the ELAP automatically writes a message to the UI security log and displays a message on the banner applet to inform any administrator logged in at that time.
  • Revoke Failed User: The UI automatically revokes any user who has N successive login failures within 24 hours. N is a system-wide configurablnumber, with a default of 3 (three). This restriction is turned off if N is set to 0 by the administrator.

The User Administration menu performs administration functions for users and groups, and handles terminating active sessions and modifying system defaults. See these topics discussed:

4.2.7.1 Terminate Active UI Sessions

The User Administration / Terminate Active Sessions screen allows the administrator to selectively terminate individual active user interface sessions. See the Terminate Active Sessions screen in Figure 4-37.

Figure 4-37 Terminate Active Sessions Screen


img/c_user_administration_menu_elapgui_elapadmin-fig43.jpg

Select a user interface session for termination, by clicking in the Delete? column. A message confirming a successful termination is displayed.

4.2.7.2 Modify System Defaults

The User Administration / Modify System Defaults screen allows the administrator to manage the systems defaults. See Figure 4-38.

Figure 4-38 Modify System Defaults Screen


img/c_modify_system_defaults.jpg

The system defaults that you can modify are:

  • Enforce password complexity checking: When password complexity checking is enforced, all new passwords must adhere to several complexity rules before they are accepted. When checking is not enforced, all new passwords are accepted.

  • Maximum Failed User Logins: This field specifies the number of consecutive failed logins allowed for a specific user before that user's account is revoked.

  • Password Reuse Limit: This field requires a specified number of unique passwords that a user must use before accepting a previous password.

  • Maximum Account Inactivity: This field specifies the number of days that a user account can be idle before the account is automatically revoked. If a user account is revoked, the user must contact the system administrator before being able to use the system again.

    The account inactivity value is calculated by date. An expiration value of 1 day does not mean that the user will be revoked after 24 hours. Hours and minutes are not considered. For example, an expiration value of 1 day set at any time on January 1 will cause the user to be revoked after the expiration of the new date, which is the current date plus the timeout value. In this example, the new date is January 2 (January 1 + 1 day). The user would be revoked at the start of January 3.

  • Session Idle Timeout: This field limits the number of minutes that an open session can remain idle before the server automatically closes the session.

  • Maximum Password Age: This field limits the number of days that a user can have the same password before requiring him/her to change it.

  • Maximum Concurrent User Logins: This field limits the number of concurrent login sessions that each user can have. This limitation does not apply to users with Administrative privileges.

  • Maximum Concurrent Logins: This field limits the number of concurrent login sessions that can exist on the ELAP pair. Users with Administrative privileges are excluded from this total session count.

  • Login Message Text: This field contains the text message displayed in the initial work area at login. The field is limited to 255 characters. The default text is:

    NOTICE: This is a private computer system. Unauthorized access or use may lead to prosecution.

  • New User Default Groups: This field contains a list of group names (comma-delimited) with which newly created users are automatically assigned. The default group name is readonly.

  • Unauthorized IP Access Message: This field contains the text message displayed when a connection is attempted from an IP address that does not have permission to use the UI. The default text is:

    NOTICE: This workstation is not authorized to access the GUI.

  • Status Refresh Time: This field contains the system default for the refresh time used for the View RTDB Status. The time must be set to either 5-600 seconds or 0 (no refreshing). The refresh time shown in View RTDB Status screen will be set to 5 if a value of 1 to 4 is entered.

  • ELAP A Pretty Name: This field defines the name that is displayed on the top left of menu screens on the ELAP A GUI. The default text is ELAP_A_NAME.

  • ELAP B Pretty Name: This field defines the name that is displayed on the top left of menu screens on the ELAP B GUI. The default text is ELAP_B_NAME.

  • Configurable Quantity Threshold Alarm: This field shows the configurable percentage for the Quantity Threshold Alarm.

  • Non-Configurable Quantity Threshold:

    This field is non-configurable and read-only, and it shows the non-configurable percentage for the Quantity Threshold alarm. It raises a major alarm upon reaching the 100% RTDB level.

When the changes to the system defaults are complete, click the Submit Defaults button. A message confirming a successful change appears.