Account lockout for ssmcaudit user

For Standards security requirement, SSMC provides a switchable facility to enable locking of ssmcaudit user account for consecutive failed logon attempts. The locking is not applicable for ssmcadmin user, as it is an emergency account within SSMC.

When this switch is enabled, the ssmcaudit user gets locked out after three consecutive failed logon attempts, over any span of time. In other words, the account gets locked out after the third consecutive attempt even if the last logon attempt is made after several days. However, ssmcadmin can unlock a locked ssmcaudit user by executing unlock_ssmcaudituser operation.

Enable or disable ssmcaudit account lockout

To enable account lockout for ssmcaudit, execute the following command:

sudo /ssmc/bin/config_security.sh -o session_lock -a enable -f

To disable the account lockout, execute the following command:

sudo /ssmc/bin/config_security.shh -o session_lock -a disable -f

To unlock a locked ssmcaudit user account, execute the following command:

sudo /ssmc/bin/config_security.sh -o unlock_ssmcaudituser