Novell Documentation: Novell SecureLogin 3.51.1

RestrictVariable

Item	Description
Use with:	All
SecureLogin Version:	All
Type:	Action
Usage:	RestrictVariable Variable-Name Password-Policy
Arguments: Variable-Name Password-Policy	The name of the variable to restrict. The name of the policy to enforce on the variable.
Description:	Monitors a Variable and enforces a specified Password Policy on the Variable. Any variable specified must match the policy or it won't be saved. When restricting variables to policies, be aware of the following information if you are making a tighter policy than is already in place. If you restrict a variable that doesn't match the policy today, the user won't be able to save it the first time. (When SecureLogin detects that there is no saved credential, a user who has a password of 6 characters today won't be able to save it if the policy restricts the $Password variable to eight characters and two numbers.) Example 2 tells how to work around this issue. Instead of restricting the $Password variable, restrict a new password variable (?NewPwd). The User will be able to store an existing password the first time that SecureLogin prompts for the credentials. Also, SecureLogin enforces the stronger password policy when the password expires in x days. You can restrict any variable by using a password policy, not just a $Password. You can also use RestrictVariable to make sure other variables are entered in the correct format. For example, the $Username might need to be lowercase, or $Database might need to be six characters with no numbers.
Example 1: Windows Script The script restricts the $Password variable to the Finance password policy. When the user first saves login credentials, the user's password must match the policy. When the password requires changing, the script randomly generates a new password based on that policy. No user intervention is required.	# Set the Password to use the Finance Password Policy RestrictVariable $Password FinancePwdPolicy # Login Dialog Box Dialog Class #32770 Title "Login" EndDialog Type $Username #1001 Type $Password #1002 # Change Password Dialog Box Dialog Class #32770 Title "Change Password" EndDialog Type $Username #1015 Type $Password #1004 ChangePassword $Password Random Type $Password #1005 Type $Password #1006 Click #1
Example 2: Windows Script The script restricts the ?NewPwd variable to the Finance password policy. When the application starts for the first time and prompts the user to enter credentials, the user's current password ($Password) is saved and used. When the password expires, the password policy is enforced on any new password. If you can't guarantee that all existing passwords meet the new policy, this is a graceful way to enforce tougher password policies than are currently in place.	# Set the Password to use the Finance Password Policy RestrictVariable ?NewPwd FinancePwdPolicy # Login Dialog Box Dialog Class #32770 Title "Login" EndDialog Type $Username #1001 Type $Password #1002 Click #1 # Change Password Dialog Box Dialog Class #32770 Title "Change Password" EndDialog Type $Username #1015 Type $Password #1004 ChangePassword ?NewPwd Random Type ?NewPwd #1005 Type ?NewPwd #1006 Set $Password ?NewPwd Click #1