security dynamic-authorization authentication-history-policy modify
Modify authentication history policy
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The security dynamic-authorization authentication-history-policy modify
command updates the authentication history policy settings for dynamic authorization.
Parameters
-vserver <vserver name>
- Vserver-
This parameter optionally specifies the Vserver associated with the authentication history policy setting. If this parameter is specified, the setting applies to that Vserver only. If not specified, the cluster Vserver setting is used.
[-use-last-num-days <integer>]
- Last Number of Days-
This parameter optionally specifies the last number of days of authentication history statistics to use in calculating the trust score for the authentication history component. By default, this is set to -1, which means the trust score for authentication history component is calculated from all successful and failed authentications since the user's first successful login.
[-lower-boundary <percent>]
- Lower Boundary of Authentication Failures-
This parameter optionally specifies the lower boundary of authentication failures. The value is a percentage from 0 to 99, and must be less than or equal to the upper boundary. When used in conjunction with the
upper-boundary
, if the authentication failures are less than thelower-boundary
percentage, the authentication history component gets a full trust score, while if the authentication failures are higher than theupper-boundary
percentage, the authentication history component gets a zero trust score. Authentication failures falling between thelower-boundary
andupper-boundary
gets a 50% trust score for the authentication history component. [-upper-boundary <percent>]
- Upper Boundary of Authentication Failures-
This parameter optionally specifies upper boundary of authentication failures. The value is a percentage from 0 to 100, and must be greater than or equal to the lower boundary. Refer to the description in the
lower-boundary
parameter on how this setting is used.
Examples
The following command modifies the upper boundary of authentication failures for the Administrative Vserver to 90%.
cluster1::*> security dynamic-authorization authentication-history-policy modify -upper-boundary 90 cluster1::*> security dynamic-authorization authentication-history-policy show Vserver: cluster1 Last Number of Days: 90 Lower Boundary of Authentication Failures: 10% Upper Boundary of Authentication Failures: 90% Vserver: svm0 Last Number of Days: -1 Lower Boundary of Authentication Failures: 10% Upper Boundary of Authentication Failures: 100% 2 entries were displayed.