Different Password Policies

Question

Is there a way to have different password polices for user accounts? &nbsp;
I am using local auth and need admin user accounts to expire after a certain amount of time. However, I also have service accounts that I don't want to expire. Can I do both? &nbsp;
I tried creating a separate partition for the service accounts but the Password Policy follows.&nbsp;

youssef1 · Answer

Hi,&nbsp;
I don't think is possible.
the only way to have separate policy is to have a remote auth for users (ldap, tacacs, ...), then of course admin an root stay local...&nbsp;

leonardo_souza · Answer

https://support.f5.com/csp/article/K15497&nbsp;
"When you have configured policy restrictions using the Configuration utility, policy restrictions apply to all user accounts"&nbsp;
After reading this, my question was if was possible via tmsh, because they specified Configuration Utility.&nbsp;
However, I don't see any difference in tmsh, so I'm assuming is the same as GUI.&nbsp;
So, you can't do this if you use local authentication.&nbsp;
You can use a remote authentication and setup the users in the authentication server. Admin/root will always be local.&nbsp;

Forum Discussion

Different Password Policies

Recent Discussions

ASM Export JSON - size Limit ?

Can i apply ddos profile on virtual server using port range

I used the wrong email account when take Application Delivery Exam (101)

F5 iControl REST API - viewBy Parameter Issue in Analytics Report

'F5 rules for AWS WAF' ruleset not working for jsp web shell attack

Related Content

Password Safety & Security: Passwords vs. Passphrases

Automate scp transfers using password

Different policies same destination and pool

LTM policy to route traffic to different pools

Pwned Passwords Check

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS