2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-23 01:53:28 +00:00

Add complexity and reuse rules to discovery

Discovery can now relax two more common policies that have users
wanting to disable them.
This commit is contained in:
Jarrod Johnson 2019-01-17 11:02:05 -05:00
parent 299181223e
commit 2c94a10e23
2 changed files with 9 additions and 4 deletions

View File

@ -158,9 +158,10 @@ node = {
},
'discovery.passwordrules': {
'description': 'Any specified rules shall be configured on the BMC '
'upon discovery. "expiration=no,loginfailures=no" '
'would disable password expiration and login failures '
'triggering a lockout.'
'upon discovery. "expiration=no,loginfailures=no,complexity=no,reuse=no" '
'would disable password expiration, login failures '
'triggering a lockout, password complexity requirements,'
'and any restrictions around reusing an old password.'
},
'discovery.policy': {
'description': 'Policy to use for auto-configuration of discovered '

View File

@ -1,4 +1,4 @@
# Copyright 2017 Lenovo
# Copyright 2017-2019 Lenovo
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@ -71,6 +71,10 @@ class NodeHandler(immhandler.NodeHandler):
if value.lower() in ('no', 'none', 'disable', 'disabled'):
value = '0'
ruleset['USER_GlobalMaxLoginFailures'] = value
if name.lower() == 'complexity':
ruleset['USER_GlobalPassComplexRequired'] = value
if name.lower() == 'reuse':
ruleset['USER_GlobalMinPassReuseCycle'] = value
ic.register_key_handler(self.validate_cert)
ic.oem_init()
ic._oem.immhandler.wc.grab_json_response('/api/dataset', ruleset)