Screens and Tabs › Tabs › Endpoint Account Management Tabs › Account Management Screens › CA Access Control › Account Tab

Account Tab

Use this tab to specify CA Access Control user information. You can specify account names, user names, or passwords that will be generated from this account template.

The fields on this tab are listed below:

Account ID/Name

• Specifies the account ID/name on a CA Access Control system.
• Rule String: %AC%
• Size/Type: The actual size limit depends on the CA Access Control system where the account is to be created.
• Restrictions: The account name cannot contain certain characters. The actual set of forbidden characters depends on the CA Access Control system where the account is to be created. In general, the account name cannot contain these characters: ', “, ?, or *.
• This is a required field.

User Name

• Specifies the user name of the person who uses the account. Use the %UN% rule string to generate the user name of the user from the Full Name in the Global User property sheet.
• Rule String: %UN%
• Size/Type: 47 alphabetic characters

Description

Specifies a short description of the account.

Password

• To generate a password when an account is created, enter a rule string or value in this field. If you leave the field blank, the account has no password.
• Size/Type: 47
• Restrictions: [, ], /, \. :, ?, |, ", <, >, and *

Confirm Password

Confirms the password for the account.

*For Accounts Only

Password Interval

Specifies a number from 0 to 65535 that represents the number of days for which the password is valid.

Password Minimum Time

Specifies a number from 0 to 65535 that represents the minimum number of days between password changes.

Policy Model

Specifies the Policy Database (PMDB) to which new passwords are propagated when the user changes password by using CA Access Control command sepass.

Note: If an account is assigned to a group that has its Policy Model field defined, the account inherits the Policy Model attribute for the group as if the attribute were explicitly specified for the account.

Suspended

When checked, specifies that the account is suspended because of certain account template violation.

Exception Account

When checked, specifies that the account is an exception account.

*For Accounts Only

ACC

• Specifies that the group is a CA Access Control group. This checkbox is available when adding a new group and when modifying an existing group while the box is unchecked.

  If the box is checked, this function is disabled. Once the group is marked a CA Access Control group, you cannot reverse that decision.

NT

• Specifies that the profile will be created in NT. This checkbox is available when adding a new group to a Windows NT host, or when modifying an existing group on a Windows NT host while the box is unchecked.

  If the box is checked, this function is disabled for UNIX hosts. Once the group is marked a Windows NT group, you cannot reverse that decision.

UNIX

• Specifies that the group is a UNIX group. This checkbox is available when adding a new group to a UNIX host, or when modifying an existing group on a UNIX host while the box is unchecked.

  If the box is checked, this function is disabled for Windows NT hosts. Once the group is marked a UNIX group, you cannot reverse that decision.

Owner: Type

Specifies the type of owner that owns the account. You can choose one of the following:

• Account
• Group

Account Owner

Specifies the account name that owns the account on the CA Access control system. For accounts and account templates, you can manually enter the name of the owner or click the Browse button to search for the owner.

Account Owner Group

Specifies the group name that owns the group on the CA Access control system. For accounts and account templates, manually enter the name of the owner.

Profile Group

• Specifies the CA Access Control profile group that the account belongs to. Click the Browse button to search for the profile group.