Setting Access Control Policies

About this task

To set policies that control user access to the SOTI MobiControl console:

Procedure

  1. In the legacy console, go to the All Platforms tab, select the Servers tab.
  2. Under Global Settings, click the wrench icon beside Console Security Settings to open the Console Security dialog box.
    The access control policy settings are for local SOTI MobiControl account users only. You must modify settings for directory services and IdP accounts at their originating point.
  3. Modify the settings to suit your situation.
    Lock accounts after x failed logins When enabled, console users are locked out of their console account if they fail to log into their account more than the specified number of attempts.
    Account password expires after x days When enabled, console users must change the password for their SOTI MobiControl account according to the number of days specified. The new password cannot match the previous password.

    Two weeks prior to password expiration, users will be prompted to update their password on every login. If users fail to update password, prior to expiration, they won't be allowed to sign into SOTI MobiControl until the password has been updated.

    Allow users to change their account password When enabled, console users can choose their own passwords for their account. SOTI MobiControl console administrators will still be able to see passwords on the Security tab.
    Limit users to a single concurrent session When enabled, console users can only have one active session at a time. An existing SOTI MobiControl session will terminate immediate if a user initiates a new session elsewhere.
    User passwords must meet the following complexity requirements When enabled, you can set a minimum level of complexity for user passwords to encourage security when accessing the console. Complexity requirements can be based on password length or mandatory character types.
    Apply complexity requirements to Android Device Administrator Password When enabled, any complexity requirements specified here also apply to the Device Administrator password configured through the Android Plus Authentication profile configuration.

    User passwords must meet the following complexity requirements must be enabled to apply this setting.

    Must be at least x characters long Passwords must be the specified length or longer
    Must contain at least one digit Password must contain at least one of 1 2 3 4 5 6 7 8 9 0
    Must contain at least one upper case letter Password must contain one or more upper case letters
    Must contain at least one punctuation symbol Password must contain one or more punctuation symbol
    Must contain at least one lower case letter Password must contain one or more lower case letters
  4. Click OK to save your settings.

Results

Access control policies will apply immediately to new and existing user accounts. Currently logged in users may be signed out and prompted to update their passwords or behavior to match the new access control policies, depending on the policies you've set.