|
|
@@ -450,7 +450,7 @@ Setting_Description_otp.secret.recoveryCodes=Number of OTP recovery codes to sup
|
|
|
Setting_Description_otp.secret.storageFormat=Storage format used to save one time password secrets.\n<table style\="width\: 400px">\n<tr><td>Format</td><td>Description</td></tr>\n<tr><td>PWM JSON</td><td>Store the secret, descriptions and recovery codes in PWM native (json) format.</td></tr>\n<tr><td>Base32 secret</td><td>Store only the TOTP-secret as a base32 encoded string. This format does not support recovery codes or counter based tokens.</td></tr>\n<tr><td>OTP URL</td><td>Store the secret and description as an otpauth\:// url, used for generating the QR-code. This format does not support recovery codes.</td></tr>\n<tr><td>PAM text</td><td>Store the secret, description and recovery codes in the text file format, used by the Google Authenticator PAM module.</td></tr>\n</table>
|
|
|
Setting_Description_otp.secret.writePreference=Location to write the OTP secret to. All storage methods will be written to when the user configures their response answers.
|
|
|
Setting_Description_password.allowChange.queryMatch=Permissions used to detect if a user is a permitted to change password.
|
|
|
-Setting_Description_password.change.requireCurrent=If true, the user's current password will be required on the change password page for most change password scenarios. In most cases this is not required because the user just authenticated prior to the seeing the change password page. The major exception is when using SSO, in that case you will probably what to set "Only when not expired" so that the current password must be supplied when the user attempts a password change during a session, but not when forced to change immediately upon authentication.
|
|
|
+Setting_Description_password.change.requireCurrent=Requires users to provide their current passwords on the Change Password page. You must enable this option if users are using a single sign-on service. In most cases, this is not required because the single sign-on service authenticates the users prior to accessing the Change Password page.
|
|
|
Setting_Description_passwordLastUpdateAttribute=This attribute is used to mark when the password is updated, and is used during replication checks, and other processes.
|
|
|
Setting_Description_password.policy.ADComplexity=Enforce Microsoft Active Directory 2003 style password complexity rules\:<ul><li>Not contain the user's account name or parts of the user's full name that exceed two consecutive characters</li><li>Be at least six characters in length</li><li>Contain characters from three of the following four categories\:<ul><li>English uppercase characters (A through Z)</li><li>English lowercase characters (a through z)</li><li>Base 10 digits (0 through 9)</li><li>Non-alphabetic characters (for example, \!, $, \#, %)</li></ul></ul>
|
|
|
Setting_Description_password.policy.ADComplexityLevel=Choose the Microsoft Active Directory style password complexity rules. <p><code>AD 2003 Level Complexity\:</code></p> <ul> <li>Can not contain the user's account name or parts of the user's full name that exceed two consecutive characters</li> <li>Minimum 6 characters</li> <li>Maximum 128 characters</li> <li> Must contain characters from three of the following four categories\: <ul> <li>English uppercase characters (A through Z)</li> <li>English lowercase characters (a through z)</li> <li>Base 10 digits (0 through 9)</li> <li>Non-alphabetic characters (for example, \!, $, \#, %)</li> </ul> </li> </ul> <p><code>AD 2008 Level Complexity\:</code></p> <ul> <li>Can not contain the user's account name or parts of the user's full name that exceed two consecutive characters</li> <li>Minimum 6 characters</li> <li>Maximum 512 characters</li> <li> Must contain characters from several of the following categories. The exact number of categories is specified by the setting <a data-gotoSettingLink\="password.policy.ADComplexityMaxViolations">@PwmSettingReference\:password.policy.ADComplexityMaxViolations@</a>.<ul> <li>European language uppercase alphabetic characters</li> <li>European language lowercase alphabetic characters</li> <li>Base 10 digits (0 through 9)</li> <li>Non-alphabetic characters (for example, \!, $, \#, %)</li> <li>Other alphabetic characters not included in the other categories</li> </ul> </li> </ul>
|
|
|
@@ -599,7 +599,7 @@ Setting_Description_sms.requestContentType=Content Type for POST data. This is t
|
|
|
Setting_Description_sms.requestData=The data to be submitted in order to send an SMS message. You can usecertain codes that will be replaced\:<ul><li><tt>%USER%</tt>\: authentication user name</li><li><tt>%PASS%</tt>\: authentication password</li><li><tt>%SENDERID%</tt>\: sender identification</li><li><tt>%TO%</tt>\: recipient SMS number</li><li><tt>%REQUESTID%</tt>\: randomly generated request identifier</li><li><tt>%MESSAGE%</tt>\: the message to be sent</li></ul>
|
|
|
Setting_Description_sms.requestId.characters=Available characters SMS request ID.
|
|
|
Setting_Description_sms.requestId.length=Length of the SMS request ID.
|
|
|
-Setting_Description_sms.responseOkRegex=Regular expressions that can be used to determine whether the SMS has been sent successfully. If the response matches any of the expressions, the transmission is considered succesful. If no expressions are entered, all transmissions are assumed successful. NOTE\: the string must match an entire line. Use <tt>.*</tt> to match anything after the required texts.
|
|
|
+Setting_Description_sms.responseOkRegex=Specify the regular expression that you can use to determine whether the system sent the SMS successfully to the gateway. If the response matches any of the expressions, Self Service Password Reset considers the transmission successful. If you do not specify any expressions, Self Service Password Reset assumes that all transmissions are successful.\n\nIf the response matches none of the expressions, Self Service Password Reset retries the SMS later (default 30 seconds). Use the Maximum SMS Queue Age option to limit the number of retries.\n\nNOTE\: The string must match an entire line. Use .* to match anything after the required texts.
|
|
|
Setting_Description_sms.senderID=Alphanumerical sender identification. If blank, the provider will most likely use a default or anonymous sender identification. In most cases the sender ID must be validated by the SMS provider. Please contact your provider for values that can be used as a valid sender identification.
|
|
|
Setting_Description_sms.successResultCodes=HTTP Result codes that will be considered successful send attempts.
|
|
|
Setting_Description_sms.userSmsAttribute=User LDAP attribute containing the user's mobile phone number for SMS.
|
Jason Rivard