Am i missing something here? }Client Properties - PasswordExpirationDays - forces the user to change password after x days
I have this enforced by a rule;
Code: Select all
#Ensure admin account never expires
['PasswordExpirationDays', 'Admin'] = S: 'No Expiration.';
#if pwd is left blank, change "last time updated" to be a year in the past and force the account to
#be invalidated.
['PasswordLastTimeUpdated'] = S:
IF ( DB('}ClientProperties',!}Clients,'Password') @= ' ' ,
'20' | SUBST ( Date (NOW-365) ,1, 2 ) | SUBST ( Date (NOW) ,4, 2 ) | SUBST ( Date (NOW) ,7, 2 ) | '000000' ,
STET);
#if pwd is "<secret default pwd>" set it to expire in 5 days so the user is nagged to alter it.
['PasswordExpirationDays'] = S:
IF ( DB('}ClientGroups',!}Clients,'ADMIN') @= 'ADMIN' ,
IF ( DB('}ClientProperties',!}Clients,'Password') @= '<encrypted version of default pwd>' ,
'5' ,
'90' ),
IF ( DB('}ClientProperties',!}Clients,'Password') @= '<encrypted version of default pwd>' ,
'5' ,
'90' ));
OK so its still basic and pee's a lot of users off, but at least we pass audits
Most annoying feature is you can't get a reminder longer than 5 days, so if you don't log in very often (like a lot of our users) or happen to be on holiday / off sick when it expires, admin will have to reset it for you. I have submitted an enhancement request to Cognos to allow this to be configurable in the server, not got a possible date for inclusion yet tho.
If this were a dictatorship, it would be a heck of a lot easier, just so long as I'm the dictator.
Production: Planning Analytics 64 bit 2.0.5, Windows 2016 Server. Excel 2016, IE11 for t'internet