Appendix D. Changing the Password Complexity Rules

You can change the complexity rules of the password that you use for logging into the Fabric Manager user interface.

Notes:

  • The password complexity rule changing procedure are applicable for the FMP that is running ClearPath Forward Fabric Manager 3.1 or higher and

  • This procedure is applicable for the FMP that is running the LDAP service provided by the Fabric Manager for user authentication. This procedure is not applicable if the FMP is using a customer deployed LDAP service for Fabric Manager authentication.

  • If your ClearPath Forward Fabric is configured for high availability (HA), then you must run this procedure on both the nodes.

To change the password complexity rule, do the following:

  1. Log in to the FMP on which you want to change the Fabric Manager password complexity rule and open a new terminal session. If you are connecting remotely, you can use a tool such as Remote Desktop Protocol (RDP) client software.

  2. Execute the following command:

    su

  3. Type the root user password. The default password is Administer4Me.

  4. Go to the following location:

    cd /usr/local/ffm/tomcat/webapps/Forward/WEB-INF/classes

  5. Backup the current configuration file by executing the following command:

    cp config.properties config.oldproperties

  6. Execute the following command:

    gedit config.properties

    Look for the line that begins with "password.pattern"

  7. Note down the regular expression.

    By default the regular expression is as follows:

    ((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[_.!@$*=-?])(?!.*(?i)password).{8,20})

    The following table describes the patterns of the regular expression:

    Pattern

    Description

    (

    Opening parenthesis. This is required.

    (?=.*\\d)

    Must contain at least one number between 0 and 9.

    The double \\ are required.

    (?=.*[a-z])

    Must contain at least one lowercase letter of the alphabet.

    (?=.*[A-Z])

    Must contain at least one uppercase letter of the alphabet.

    (?=.*[_.!@$*=-?])

    Must contain at least one special character. This could be any of the following symbols: _.!@$*=-?

    (?!.*(?i)password)

    The password must not contain the string "password".

    .{8,20}

    The length of the password must be between 8 and 20 characters.

    )

    Closing Parenthesis. This is required.

  8. Change the password complexity by modifying the string. You can do this by adding, deleting, or editing the patterns in the regular expression.

  9. Click Save.

  10. Restart FFM services, by executing the following command:

    rcffmservices restart

  11. Enforce the new password complexity on the user accounts by performing the forced password change procedure. To know more about forced password change procedure, refer to the “Forcing a Password Change” section in the ClearPath Forward Administration and Operations Guide (82224544-007).

Backing up the Modified Configuration File

By default, the config.properties file is not a part of the Fabric Manager backup. Therefore, you must copy this file manually to a location external to the FMP.