Installation GuideEnd User GuideVideo TutorialsThese settings govern the monitoring of when a revealed account password is used to logon. This feature can be used in a passive monitoring manner, or to block an account if is has not been used within an allotted time. Results are shown on the Dashboard in the Account Logons chart.
|
Setting / Description |
Default Value |
|
Apply Policy when Domain Account Logon lifetime expires? |
NO |
|
If this is disabled this feature works passively and does not expire windows domain passwords after the lifetime has expired. |
|
|
Apply Policy when Non Domain Account Logon lifetime has expired? |
NO |
|
If this is disabled this feature works passively and does not expire non windows domain passwords after the lifetime has expired. |
|
|
Days to keep Account Logon records in the database |
1826 |
|
For auditing, records can be kept of all logons through ForestSafe, the fault is 5 years |
|
|
Enable logon management of retrieved Domain account passwords? |
NO |
|
Enable this feature on Domain Accounts. |
|
|
Enable logon monitoring of Retrieved Non Domain account passwords |
NO |
|
Enable this feature on non Domain accounts. |
|
|
Minutes allowed logon lifetime before LOGONEXPIRY status (0=no expiry) |
0 |
|
The lifetime is the time between a password release, and the time by which it has to be used. If it is 0, then only basic monitoring occurs. |
|
|
Minutes Database polling interval for fetching account logon data |
1 |
|
After a password is released this feature rolls the intended target to check if the account can been used. This setting controls the frequency of the checks. |
|
|
Minutes Keep Active Account Logon records in display |
60 |
|
Visually the chart will only show records that appear within this time frame. |
|
|
Minutes margin for time lag between server and remote clients |
1 |
|
Clocks can be set differently between ForestSafe servers and the hosts. This setting is the allowed margin of error. |
