Youmust have admin or aaa privileges to change the password profile properties. Except for password
history,these properties do not apply to users with admin or aaa privileges.
Note
Password History Count
Thepassword history count allows you to prevent locally authenticated users from reusing the same password
overand over again. When this property is configured, Cisco UCS Manager stores passwords that were
previouslyused by locally authenticated users up to a maximum of 15 passwords. The passwords are stored
inreverse chronological order with the most recent password first to ensure that the only the oldest password
canbe reused when the history count threshold is reached.
Auser mustcreate and use the number of passwords configured in the password history count before being
ableto reuse one. For example, if you set the password history count to 8, a locally authenticated user cannot
reusethe first password until after the ninth password has expired.
Bydefault, the password history is set to 0. Thisvalue disables the history count and allows users to reuse
previouslypasswords at any time.
Ifnecessary, you can clear the password history count for a locally authenticated user and enable reuse of
previouspasswords.
Password Change Interval
Thepassword change interval enables you to restrict the number of password changes a locally authenticated
usercan make within a given number of hours. Thefollowing table describes the two configuration options
forthe passwordchange interval.
ExampleDescriptionInterval Configuration
Forexample, to prevent passwords from
beingchanged within 48 hoursafter a
locallyauthenticated user changeshis
orher password,set the following:
• Change during interval to disable
• No change interval to 48
Thisoption does not passwordsfor
locallyauthenticated users tobe
changedwithin a specifiednumber of
hoursafter a passwordchange.
Youcan specify a no change interval
between1 and 745 hours. By default,
theno change interval is 24 hours.
Nopassword change
allowed
Forexample, to allow to be changed a
maximumof once within 24 hours after
alocally authenticated user changes his
orher password,set the following:
• Change during interval to enable
• Change count to 1
• Change interval to 24
Thisoption specifiesthe maximum
numberof timesthat passwords for
locallyauthenticated users canbe
changedwithin a pre-definedinterval.
Youcan specify a change interval
between1 and 745 hours and a
maximumnumber of password changes
between0 and 10. By default, a locally
authenticateduser is permitteda
maximumof 2 passwordchanges
withina 48 hour interval.
Passwordchanges
allowedwithin change
interval
Cisco UCS Manager GUI Configuration Guide, Release 2.0
178 OL-25712-04
Password Profile for Locally Authenticated Users