You can create local user accounts in AMC and then map them to a local authentication repository. For
information on creating local user accounts, see Managing Local User Accounts.
Only one local user store can be created on the appliance.
In the AMC, navigate to System Configuration > Authentication Servers.
Under Local user storage, click Local users (if a local store already exists, this option is dimmed).
The Configure Authentication Server page displays.
In the Name field, type a name for the authentication server.
In the Password policy area, specify the minimum and maximum number of characters allowed for passwords. The minimum can be as few as 4, and the maximum can be as many as 256.
Select the Lowercase letters checkbox to specify that user passwords must contain at least one lowercase character.
Select the Uppercase letters checkbox to specify that user passwords must contain at least one uppercase character.
Select the Numeric digits checkbox to specify that user passwords must contain at least one number (0-9).
Select the Symbols checkbox to specify that user passwords must contain at least one symbolic character (
UTF-8 characters are supported in the password.
In the Password expiration area, select the Passwords expire after checkbox. Clear the checkbox to
allow user passwords to never expire.
- Enter the number of days after which user passwords will expire. The default is 60 days ; minimum is 1 day, and the maximum is 365 days.
Select the Begin prompting user checkbox and enter the number of days before expiration that the user
will be prompted to change the password. The default is 14 days.
- To change the prompts and other text that Windows users see when they log in, expand the Advancedsection.
Select the Customize authentication server prompts checkbox.
The page title, message, and login prompts can all be customized. For example, if an employee ID
number is used to identify a user, you could change the text for the Identity prompt from Username to Employee ID. If this configuration is being used for testing, a customized Message could point to test
procedures or other instructions.
Enter the password or other proof of identity into the Proof field.
- In the One-Time Passwords area, to configure two-factor authentication with one-time passwords,
select Use one-time passwords with this authentication server.
- Define the password format by entering the number and type of characters into the Passwords contain field.
In the From address field, enter the email address from which one-time passwords will be sent.
- In the Default domain field, optionally enter the domain to be appended to each user name to create an
email address for local users to which one-time passwords will be sent.
You can override the default domain by configuring an email address for each local user in the Email
This email address will be available as a User attribute type policy variable named
primaryEmail. One email address per user is supported.
- Click the Send test message button to send a test email message to verify that the message, password,
and SMTP settings are correct.
In the Subject field, enter the text for the subject line when e-mailing the one-time password.
- In the Body field, enter the content of the email that will contain the one-time password. (For more
information about one-time passwords, see Using One-Time Passwords for Added Security.)