Defining Security Policies

Context

With this procedure, you create security policies with attributes, for which you explicitly do not want to use the default value. For example, you assign a new security policy called Digits, and change, as described below, the standard value for the attribute MIN_PASSWORD_DIGITS from 0 to 4. The new security policy Digits then uses the standard values for all security policy attributes, with the exception of the attribute MIN_PASSWORD_DIGITS. You can, however, also create a security policy without defining attributes. This policy then uses the default values for all security policy attributes.

Procedure

Start the maintenance tool for security policies (transaction SECPOL).
In change mode, choose New Entries.
Enter a name in the Security Policy field and a description in the Short Text field.
Double-click the Attributes node.
Select the security policy, and double-click the Attributes node again.

The change view for attributes appears.
Choose New Entries.
In the field Policy Attribute Name, enter, for example using the input help. a security policy attribute and, in the Attribute Value field, a value.

Note

Once you have specified all of the attributes to be changed, you can display the attribute values that actually apply for the policy. To do this, choose the Effective... pushbutton. The system displays both the attributes that you changed and the attributes that have been retained with default values in the security policy.
Save your entries.

Results

The system automatically performs a consistency check and displays all entries with problems. If there are any problems, you must correct these before the system can save your new policy.

Next Steps

Assigning Security Policies to Users