Number of full connections/licences
This parameter is used to lock a user account after a certain number of connection attempts with an incorrect password. Where this parameter is not blank, once the number of unsuccessful attempts exceeds the authorized value, the user account is locked. Two solutions are available to an administrator to unlock the user account:
- either to use the password deletion function available in user management, which will unlock the account. For security reasons, it is then recommended to make a password mandatory in order that the user, on their next connection, need to enter a new password (the PASSWD parameter is used to define this).
- or (potentially) to increase the value of this parameter (at least temporarily), in order to allow the user to have available several additional attempts. For instance, by switching from the value 3 to 5, the user can make up to two new attempts to connect. Once a successful connection is established, the number of consecutive attempts that have failed will return to 0, and it will then be possible to return to the previous value.
Level of localization / Global variable
This parameter is defined at the level Folder. It belongs to Chapter SUP (Supervisor) and the Group SEC (Security), The following parameters are also associated with this chapter and group :
- ADMUSR (Super user)
- CHGPASS (Password management)
- MAILSAGE (Sage license e-mail address)
- PASLNG (Length of password)
- PASSWD (Require password)
- SSOCLAOBJ (Class for LDAP search)
- SSOCONNECT (SSO connection)
- SSODOMAIN (User domain)
- SSOMAJ (Update user upon connection)
- SSOPASSWD (Control SSO password)
- SSOREFMAJ (Reference for user update)
- TABTRA (Trace system transactions)
No global variable is associated with it.
Linked parameters
The following parameters are linked to the parameter NBRCON :
Supervisor
PASLNG (defined at level Folder) : Length of password
PASSWD (defined at level Folder) : Require password
TIMEHGUP1 (defined at level User) : Time limited for disconnection
TIMEHGUP2 (defined at level User) : Connection timeout
TIMEHGUP3 (defined at level User) : Secondary session time out
Comments
This type of control is applied to all the users irrespective of their profile (including those with the administrator profile defined in the ADMUSR parameter), with the exception of course of the general administrator themselves.