Specifies Authentication, the type of this Active Directory action.
Specifies an Active Directory server; servers are defined in the
area of the Configuration utility.
Cross Domain Support
Specifies whether AD cross domain authentication support is enabled for
Complexity check for Password Reset
Specifies whether Access Policy
Manager (APM) performs a password policy check.
APM supports these Active Directory password policies:
Maximum password age
Minimum password age
Password must meet
APM must retrieve all related password policies from the domain to make the appropriate
checks on the new password.
Because this option might require administrative privileges, the
administrator name and password might be required on the AAA Active Directory server
Enabling this option increases overall authentication traffic
significantly because APM must retrieve password policies using LDAP protocol and must
retrieve user information during the authentication process to properly check the new
Show Extended Error
When enabled, causes comprehensive error messages generated by the
authentication server to display on the user's logon page. This setting is intended only for
use in testing, in a production or debugging environment. If enabled in a live environment,
your system might be vulnerable to malicious attacks. (When disabled, displays
non-comprehensive error messages generated by the authentication server on the user's logon
Max Logon Attempts Allowed
Specifies the number of user authentication logon attempts to allow. A
complete logon and password challenge and response is considered as one attempt.
per-request policy subroutine, equivalent functionality is supported through subroutine
Max Password Reset Attempts Allowed
Specifies the number of times that APM allows the user to try to reset