Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Search for | Example | Results |
---|---|---|
A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Search for | Operator | Example |
---|---|---|
Two or more words in the same topic |
|
|
Either word in a topic |
|
|
Topics that do not contain a specific word or phrase |
|
|
Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
A combination of search types | ( ) parentheses |
|
- System security
- Encryption of configuration file settings
- Encryption of operator passwords
- Encryption of client keystore passwords
- Randomly generated master keys
- Inactivity timer
- Lockout feature
- System quiesce: Login restrictions
- Mandanten file security
- Multicompany mode
- Script utilities
- Security tables
- Secure Sockets Layer (SSL) encryption and server certificates
- Support of the HTTP Strict Transport Security protocol
- Trusted sign-on
- Common Access Card (CAC) sign-on
- SAML Single Sign-On
- FIPS mode
- Tokenization
Lockout feature
The lockout feature automatically disables a user account if the user fails to provide the correct password after a specified number of attempts. Your user profile must include the system administration capability word to use this feature.
Enable the user lockout feature
Applies to User roles: System Administrator
The user lockout feature automatically disables a user account if the user fails to provide the correct password after a specified number of attempts.
Note Enabling the user lockout feature is the only way to restrict access from the Windows client. The Attempts Per Login Session settings does not affect Windows clients because the Windows client creates a new session for each login attempt.
To enable the user lockout feature:
- Click System Administration > Base System Configuration > Miscellaneous > System Information Record.
- Click the Logon Info tab.
- In the Use User Lockout section, select Use User Lockout.
- In the Attempts Until Lockout field, type the number of login attempts the user has until Service Manager locks out the account.
- Select one of the following options:
- Complete Lockout — select this option to deny the user access to Service Manager until a system administrator resets the lockout.
- Lock Out Time Period — select this option to deny the user access to Service Manager for a specified period of time.
Type the time period in the following format: Dayshours:minutes:seconds. For example, 4 03:02:01 locks out the user for 4 days, 3 hours, 2 minutes, and 1 second.
- Click Save.
Lock out a user
Applies to User Roles:
System Administrator
To lock out a user:
- Click System Administration > Ongoing Maintenance > Operators.
- Type or select optional search criteria.
- Click Search.
- Select the operator to lock out.
- Click the Security tab.
- Select the Administrative Lockout option
- Click Save.
Reset a locked out user
Applies to User Roles:
System Administrator
To reset a locked out user:
- Click System Administration > Ongoing Maintenance > Operators.
- Type or select optional search criteria.
- Click Search.
- Select the operator record.
- Click the Security tab.
- Click More or the More Actions icon, and then select User Lockout Reset.
- Click Save.
Service Manager unlocks the user’s operator record and clears the Failed Login Count, Locked Until, and User has been Locked? fields.
View a user’s lockout history
Applies to User Roles:
System Administrator
To view a user's lockout history
- Click System Administration > Ongoing Maintenance > Operators.
- Click Search.
- Select the operator record to view.
- Click the Security tab.
View system level user lockout history
If a system administrator has enabled the Use User Lockout feature in the System Information Record, a user may be locked out for several reasons. For example, the user has attempted to log in with an invalid password more than the number of times defined by the system administrator or the user is locked out by the system administrator.
A specific user's lockout status in displayed in the Security tab of the user's operator record. When a user is locked out, the User has been locked out option is selected and the Lockout Reason field displays the reason (for example, Max Failed Logins).
At the system level, the lockout history of all users is stored in the operatorlockhistory
table in the database. To view system level user lockout history, use either of the following ways:
- Open Database Manager, enter operatorlockhistory in the Table field and then click the Search button.
-
Navigate to Miscellaneous > Dashboard and then open the License Overview dashboard. If the "Operator Lockout History within 7 days" report is not displayed on the dashboard, click Add Content and then click License to add this report to the dashboard. This report uses the operatorlockhistory table as the data source.
Related topics
Application profiles
Environment record
User roles
Capability word model
Adding users
Checklist: Adding a new user
Controlling user access and security
Creating operator records
Defining named users
Operator passwords
Operator records
Operator templates
System quiesce: Login restrictions