McDewey

C H A P T E R 19 Credential Policies • Credential Policy Overview, on page 227 • Configure Default Credential Policy, on page 229 • Edit User Credentials or Credential Policy, on page 230 • Enable PIN Synchronization , on page 230 • Monitor Authentication Activity, on page 231 • Configuring Credential Caching, on page 232 • Manage Session Termination, on page 233 Credential Policy Overview Credential policies control the authentication process for resources in Unified Communications Manager. A credential policy defines password requirements and account lockout details such as failed login attempts, expiration periods and lockout durations for end user passwords, end user PINs, and application user passwords. Credential policies can be assigned broadly to all accounts of a specific credential types, such as all end user PINs, or they can be customized for a specific application user, or end user. Credential Types In Credential Policy Configuration, you can configure a new credential policy and then apply that new policy as the default credential policy for each of the following three credential types: • End User PINs • End User Passwords • Application User Passwords You can also apply the credential policy to a specific end user PIN, end user password, or application user password. Credential Policies with LDAP Authentication Enabled If your system is configured for LDAP Authentications with the corporate directory: • With LDAP Authentication enabled, credential policies do not apply to end user passwords. • Credential policies do apply to end user PINs and application user passwords, irrespective of whether LDAP Authentication is enabled. These password types use local authentication. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 227