Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Password Policy - User Lockout Settings

krishna_sk
New Contributor III
New Contributor III

Hi team,

We have configured the following parameters in the "externalconfig.properties"  file as suggested in the Document portal.(https://docs.saviyntcloud.com/bundle/EIC-Admin-v24x/page/Content/Chapter14-Password-Management/Passw...)

krishna_sk_0-1713857732422.png

Even after updating the parameters, when we tried logging into Saviynt through Postman with incorrect password for multiple times, we didn't see the Account got locked.

Could you please let us know whether we need to do any other configurational changes anywhere and let us know your insights on this.

Thank you.

 

8 REPLIES 8

rushikeshvartak
All-Star
All-Star

Above configuration is for user. and does server has been restarted ?


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

HI @rushikeshvartak 

Yes , we tried after restarting the server only and still seeing the same issue.

Thank you

Check password policy under identity repository 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

krishna_sk
New Contributor III
New Contributor III

HI @rushikeshvartak 

 

The below is the Password policy under Identity Repository we have for Users.

 

krishna_sk_0-1713952580005.png

Thank you.

What is scope its application or user ? Subject says account


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Hi @rushikeshvartak

The Scope is for Users. I changed the Subject as well.

Thank you.

You can have one user scope policy and multiple application scope policy

 


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

krishna_sk
New Contributor III
New Contributor III

@rushikeshvartak  yes, We are having only one user policy. With all the above configurations as well, the user is not getting locked, when we tried to enter incorrect password for more than 3 times.

Thank you.