Harvest Password Policy Standards
search cancel

Harvest Password Policy Standards

book

Article ID: 251204

calendar_today

Updated On:

Products

CA Harvest Software Change Manager CA Harvest Software Change Manager - OpenMake Meister

Issue/Introduction

Does the application force users to change their passwords as required by our company's policy-based intervals?  Does the application enforce password complexity that matches our company's standards?  (for example, at least 2 upper, 2 lower, 2 numeric, & 2 special characters)  Can these rules be changed?  Could you give me some examples of changing password from 90 to 60 days.

Environment

Harvest Software Change Manager all versions

 

Cause

If your Harvest system is configured to use LDAP for authentication, password length, complexity, and other requirements are maintained by the LDAP server and Harvest has no control of those rules.
 
If your Harvest system is configured to use "internal" authentication, meaning the passwords and other user details are maintained inside the Harvest database and not by another system, the password length, complexity, and other rules are controlled using 2 command line utilities:
 
 
This command exports the existing password policy to a text file for review and update
 
 
This command imports into the Harvest database the password policy details contained in the text file you specify. 

Resolution

Here's how it works:
 
You can export the existing Harvest password policy to a text file by opening a command prompt on your broker machine and executing:
hppolget -b <brokername> -prompt -f pwpolicy.txt
(change "<brokername>" to the name of your SCM Broker)
 
Edit the resulting pwpolicy.txt file to update the password policy rules you would like to change, then save and close the file.
 
Import the changes to the Harvest database by executing this command:
hppolset -b <brokername> -prompt -f pwpolicy.txt
(change "<brokername>" to the name of your SCM Broker)
 
The password policy details that can be changed are listed in the documentation on the page describing the hppolset command, and include such things as
MaximumPasswordAge
MinimumPasswordAge
MinimumPasswordLength
PasswordCountBeforeReusable
MaxFailAttemptBeforeLockout
AllowChangeAfterExpire
MaximumRepeatableCharacter
ExpirationWarningAge
MinimumNumericCharacter
MinimumLowercaseCharacter
MinimumUppercaseCharacter
MinimumNonalphanumericCharacter
AllowUsernameAsPassword
ForceChange

Additional Information

Information about the hppolget command is here: hppolget Command-Get Password Policy

Information about the hppolset command (including all the settings that are available to change) is here: hppolset Command-Set Password Policy

Powered by Wolken Software