diff --git a/confluent_server/confluent/config/attributes.py b/confluent_server/confluent/config/attributes.py index 55e449bc..0d9f61ae 100644 --- a/confluent_server/confluent/config/attributes.py +++ b/confluent_server/confluent/config/attributes.py @@ -158,9 +158,10 @@ node = { }, 'discovery.passwordrules': { 'description': 'Any specified rules shall be configured on the BMC ' - 'upon discovery. "expiration=no,loginfailures=no" ' - 'would disable password expiration and login failures ' - 'triggering a lockout.' + 'upon discovery. "expiration=no,loginfailures=no,complexity=no,reuse=no" ' + 'would disable password expiration, login failures ' + 'triggering a lockout, password complexity requirements,' + 'and any restrictions around reusing an old password.' }, 'discovery.policy': { 'description': 'Policy to use for auto-configuration of discovered ' diff --git a/confluent_server/confluent/discovery/handlers/xcc.py b/confluent_server/confluent/discovery/handlers/xcc.py index e093b9fb..f6ba2722 100644 --- a/confluent_server/confluent/discovery/handlers/xcc.py +++ b/confluent_server/confluent/discovery/handlers/xcc.py @@ -1,4 +1,4 @@ -# Copyright 2017 Lenovo +# Copyright 2017-2019 Lenovo # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -71,6 +71,10 @@ class NodeHandler(immhandler.NodeHandler): if value.lower() in ('no', 'none', 'disable', 'disabled'): value = '0' ruleset['USER_GlobalMaxLoginFailures'] = value + if name.lower() == 'complexity': + ruleset['USER_GlobalPassComplexRequired'] = value + if name.lower() == 'reuse': + ruleset['USER_GlobalMinPassReuseCycle'] = value ic.register_key_handler(self.validate_cert) ic.oem_init() ic._oem.immhandler.wc.grab_json_response('/api/dataset', ruleset)