Some of the technical content on this site is only available in English.

Security tab in Space General options

Overview

The Security tab is only available for operators with admin rights (admin operator).

This section covers the password management in Space. As well as explaining the main operator password options, it also indicates how to enable the Lightweight Directory Access Protocol (LDAP) for both operators and users. Space is compatible with Service Directories which support the LDAP Protocol. The Enforce password policy is enabled by default when creating a new system.

Password fields for a new database createdPassword fields for a new database created

The initial password settings can be modified from System > General options > Security.

'Operators' panel in 'Security' tab'Operators' panel in 'Security' tab

Security tab items

ItemDescription
Enforce account lockout policyNumber of failed logon attempts that will lockout the account (5 by default).
Reset failed logon attempts that will lockout the account in minutes. If the operator tries the password with no success the attempt number will be reset after the period defined (10 minutes by default).
Define either the time the account will remain locked out after the number of attempts is exceeded or restrict the release of the account to the system administrator. By default it is set to 30 minutes.
Enforce password policy- Minimum length: 8 characters (16 maximum)
- At least one upper case and one lower case
- At least one number or one special character: !"#$%&'()*+,-./:;<=>?@[]^_`{
Enforce password expirationNumber of days for the password to expire. Disabled by default.
Enforce password historyNumber of previous passwords to be remembered by the system so that they cannot be repeated when creating a new password.
Enforce 2FA for all operatorsWhen activating this configuration, all operators, including administrator operators, must configure two-factor authentication next time they log in. See Two-factor authentication and Logging in with two-factor authentication enabled for more information.

LDAP for operators

You can enable the Lightweight Directory Access Protocol (LDAP) for operators from the Security tab in General options.

'LDAP' panel in 'Security' tab - Operators'LDAP' panel in 'Security' tab - Operators

Once this option is enabled, you need to fill the necessary setup to enable the connectivity with your LDAP.

To complete the configuration of LDAP for operators, also contact your technical support team. They should be able to provide more information on the technical details on your specific IT setup for using LDAP.

The synchronizing of LDAP operators allows the synchronization of operators from an Active Directory using LDAP protocol. There is no need to store operator's credentials (that is, username and password) in Space database for authentication purposes. The credentials are directly saved in the Directory Service.

Once this setup is done you must carry out a synchronization or a scheduled job.

LDAP for users

You can enable the Lightweight Directory Access Protocol (LDAP) for users from the Security tab in General options.

'LDAP' panel in 'Security' tab - Users'LDAP' panel in 'Security' tab - Users

Once this option is enabled, you need to fill the necessary setup to enable the connectivity with your LDAP.

To complete the configuration of LDAP for users, also contact your technical support team. They should be able to provide more information on the technical details on your specific IT setup for using LDAP.

The synchronizing of LDAP operators allows the synchronization of operators from an Active Directory using LDAP protocol. These users can be associated with a user access level.

Once this setup is done you must carry out synchronization a scheduled job.

Salto Systems, S. L. uses third-party data storage and retrieval devices in order to allow secure browsing and gain a better understanding of how users interact with the website in order to improve our services. You can accept all cookies by clicking the "Accept cookies" button or reject their use by clicking the "Reject cookies" button. For more information, visit our Cookies Policy