System-Maintained Usercode Attributes

In addition to the standard usercode attributes just described, the system maintains the attributes shown in Table 43, System-Maintained Usercode Attributes. Although as a security administrator you can change these attributes, it is unlikely that you will need to do so.

Table 43. System-Maintained Usercode Attributes

Attribute

Function

ACLOGONVIOLCOUNT of the ACLOGONINFO group

If ACSAVELOGONVIOL is set for a usercode, the system maintains a count of successive logon violations for each accesscode in the ACLOGONVIOLCOUNT attribute.

ACSUSPENDTIME of the ACLOGONINFO group

If the security option SUSPENDDELAY is greater than 0, the system stores the activation time for a suspended accesscode in the ACSUSPENDTIME attribute.

ACPWDATESTAMP of the ACCESSPWAGING group

If ACPWAGING is set for a usercode, then the system maintains the accesscode password expiration date in the ACPWDATESTAMP attribute. When a user changes the password associated with an accesscode, the ACPWDAYSACTIVE value is added to the current date and the result is stored in ACPWDATESTAMP for the appropriate accesscode.

ACSUSPENDED of the ACVIOLINFO group

If ACSAVEVIOLCOUNT is set for a usercode, then the system sets the ACSUSPENDED attribute for an accesscode if a security violation causes the ACVIOLLIMIT to be exceeded.

ACSUSPENDEDCODE of the ACVIOLINFO group

The system sets ACSUSPENDEDCODE for an accesscode when it sets the ACSUSPENDED value to TRUE as a result of a security violation.

ACVIOLCOUNT of the ACVIOLINFO group

If ACSAVEVIOLCOUNT is set for a usercode, the system maintains a count of security violations for each accesscode in the ACVIOLCOUNT attribute.

ACVIOLDATE of the ACVIOLINFO group

If ACSAVEVIOLCOUNT is set for a usercode, the system maintains the date of the last security violation for each accesscode in the ACVIOLDATE attribute. This attribute is used to determine whether the ACVIOLCOUNT counter needs to be restarted.

CREATETIME

Creation time of a user entry.

DATEPWCHANGED

If PASSWORDAGING is set for a usercode, the system maintains the date of the last password change in the DATEPWCHANGED attribute.

DATESTAMP

If PASSWORDAGING is set for a usercode, the system maintains the password expiration date in the DATESTAMP attribute. When a user changes his or her password, the DAYSACTIVE value is added to the current date, and the result is stored in DATESTAMP.

While assigning a new password to a user, a system administrator can force that user to change the password by setting the DATESTAMP attribute to an appropriate value.

LASTAUTHENTIME

If SAVELASTAUTHEN is set for a usercode, the system maintains in the LASTAUTHENTIME attribute the date and time of the last usercode or password validation performed, other than during log-on.

LASTLOGONSTATION

If SAVELASTLOGON is set for a usercode, the system maintains in the LASTLOGONSTATION attribute the station name where that usercode was last successfully validated during log-on, even though other system software restrictions might have prevented the user from logging on. The MCS performing that log-on supplies the station name.

LASTLOGONTIME

If SAVELASTLOGON is set for a usercode, the system maintains in the LASTLOGONTIME attribute the date and time of the last successful usercode/password validation procedure performed by an MCS, even though other system software restrictions might have prevented log-on.

LOGONVIOLCOUNT

If SAVELOGONVIOL is set for a usercode, the system maintains a count of successive logon violations in the LOGONVIOLCOUNT attribute.

NEWPASSWORDLIST

The list of current password hashes for a usercode.

OLDPASSWORDLIST

The list of recently used password hashes as controlled by the MAXOLDPW attribute.

OLDPWLIST

If old passwords are being saved for a user—that is, if MAXOLDPW is greater than 0—the recently used passwords are maintained in the OLDPWLIST attribute.

PWMIGRATION

PWMIGRATION records the current migration value for password hashes to the stronger SHA-256 password hash. If the value is 1, passwords have been migrated from the old PASSWORD attribute to the new NEWPASSWORDLIST attribute.

If the value is 2, the old PASSWORD attribute has been deleted, leaving the password hash in only the new format.

SUSPENDTIME

If the security option SUSPENDDELAY is greater than 0, the system stores the activation time for a suspended usercode in the SUSPENDTIME attribute.

SYSTEMMODIFYTIME

Modification time of a user entry where the modification was a result of a system action. System actions include changes to user history profile items (such as last logon time), changes to violation counts, and migration of passwords to a new format.

USERMODIFYTIME

Modification time of a user entry where the modification was a result of a user action. User actions are those taken by a security administrator to change usercode attributes and those taken by a user such as password changes.

VALIDATEDATE

If SAVEVALIDATEDATE is set for a usercode, the system maintains in the VALIDATEDATE attribute the date of the last successful validation of the usercode.

VIOLATIONCOUNT

If SAVEVIOLCOUNT is set for a usercode, the system maintains a count of security violations in the VIOLATIONCOUNT attribute.

VIOLATIONDATE

If SAVEVIOLCOUNT is set for a usercode, the system records the date of the last security violation in the VIOLATIONDATE attribute. This attribute is used to determine whether the VIOLATIONCOUNT counter needs to be restarted.
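
The PWMIGRATION and DATESTAMP rows above lend themselves to a periodic review of usercode records. The following is an added example, not code from the product or its documentation: it audits constructed records for usercodes whose old PASSWORD attribute has not yet been deleted and for DATESTAMP values that have passed. The dict layout, the ISO date strings, and the function names are assumptions; only the attribute names come from the table.

```python
from datetime import date, timedelta

# Constructed sample records: attribute names come from the table above, but the
# dict layout and ISO date strings are assumptions, not a system export format.
SAMPLE_USERS = [
    {"USERCODE": "ALPHA", "PWMIGRATION": 2, "PASSWORDAGING": True,
     "DAYSACTIVE": 90, "DATESTAMP": "2024-09-01"},
    {"USERCODE": "BRAVO", "PWMIGRATION": 1, "PASSWORDAGING": True,
     "DAYSACTIVE": 30, "DATESTAMP": "2024-03-15"},
    {"USERCODE": "CHARLIE", "PASSWORDAGING": False},
]


def next_datestamp(changed_on, days_active):
    """Expiration date stored on a password change: current date + DAYSACTIVE."""
    return changed_on + timedelta(days=days_active)


def migration_finding(user):
    """Map PWMIGRATION to a finding; the table defines only values 1 and 2."""
    value = user.get("PWMIGRATION")
    if value == 2:
        return None  # old PASSWORD attribute deleted, hash only in new format
    if value == 1:
        return "migrated, but old PASSWORD attribute not yet deleted"
    # Assumption: any other or missing value is reported for manual review.
    return "no migration recorded (value not described in the table)"


def audit(users, today):
    """Return {usercode: [findings]} for records that need attention."""
    report = {}
    for user in users:
        findings = []
        note = migration_finding(user)
        if note:
            findings.append(note)
        # DATESTAMP is only maintained when PASSWORDAGING is set.
        if user.get("PASSWORDAGING") and "DATESTAMP" in user:
            expires = date.fromisoformat(user["DATESTAMP"])
            if expires < today:
                findings.append(f"DATESTAMP {expires.isoformat()} is in the past")
        if findings:
            report[user["USERCODE"]] = findings
    return report


if __name__ == "__main__":
    for code, findings in audit(SAMPLE_USERS, date(2024, 6, 1)).items():
        print(code, "->", "; ".join(findings))
```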