Configuring the Pre-notification and Post-notification Rule
Use the following procedure to configure the pre-notification and post-notification rule.
After enhanced secure mode is enabled, the switch enforces password expiry. To ensure a user does not lose access, the switch offers pre- and post-notification messages explaining when the password will expire.
The administrator can define pre- and post-notification intervals to between one to 99 days.
Before you begin
You must enable enhanced secure mode in either the JITC or non-JITC sub-modes. As a best practice, use the non-JITC sub-mode because the JITC sub-mode is more restrictive and prevents the use of some troubleshooting utilities.
About this task
The pre-notification intervals provide messages to warn users that their passwords will expire within a particular timeframe:
The post-notification intervals provide notification to users that their passwords have expired within a particular timeframe:
-
interval 1—By default, interval 1 is 1 day.
-
interval 2—By default, interval 2 is 7 days.
-
interval 3—By default, interval 3 is 30 days.
Procedure
Example
Configure the pre- and post-notification rules to the default:
Switch:1>enable Switch:1#configure terminal Switch:1(config)#default password pre-expiry-notification-interval Switch:1(config)#default password post-expiry-notification-interval Switch:1(config)#save config
Variable definitions
Use the data in the following table to use the pre-expiry-notification-interval command.
Variable |
Value |
---|---|
<1–99> <1–99> <1–99> |
Configure the pre-notification intervals to provide messages to warn the users that their passwords will expire within a particular timeframe. The first <1–99> variable specifies the first notification, the second <1–99> specifies the second notification, and the third <1–99> variable specifies the third interval. By default, the first interval is 30 days, the second interval is 7 days, and the third interval is 1 day. |
Use the data in the following table to use the post-expiry-notification-interval command.
Variable |
Value |
---|---|
<1–99> <1–99> <1–99> |
Configure the post-notification intervals to provide notification to the users that their passwords have expired within a particular timeframe. The first <1–99> variable specifies the first notification, the second <1–99> specifies the second notification, and the third <1–99> variable specifies the third interval. By default, the first interval is 1 day, the second interval is 7 days, and the third interval is 30 days. |