Configure Authentication Options

Manage the settings for user login authentication, such as password requirements and lockout time.

To configure user account settings:
  1. Log in to the Conductor with a system administrator account.
  2. Go to Settings > Authentication > Settings > Edit Settings.
  3. Configure User authentication settings:
    • Default authentication provider – Select the default authentication displayed when users log in.
    • Login attempts before lockout – Set the number of unsuccessful login attempts before lockout. Set to 0 to disable.
    • Password expiration – Set the number of days until password expires (default 180 days). Set to 0 to disable.
    • Lockout time – Set the amount of time to track unsuccessful login attempts (default 1 hour).
    • API token expiration – Set the number of days before API tokens expire. Set to 0 to disable.
    • Show "Forgot Your Password?" – Check to display a Forgot your Password? link that allows a user to reset their password (enabled by default).
  4. Configure Password requirements:
    • Minimum password length – Enter the required minimum number of characters
    • At least one number – Check to require at least one number
    • Upper and lowercase characters – Check to require both upper- and lowercase letters
    • At least one symbol – Check to require at least one symbol
  5. Configure Session settings:
    • Conductor session expiration – Set the number of hours before a Conductor session expires.
    • Conductor session inactivity timeout – Set the number of minutes before a Conductor session times out due to inactivity.
  6. Configure Global Airwall agent authentication settings:
    • Require Airwall agent authentication – Check to require authentication, and select an option:
      • for all agents to require authentication, which may require some people to update their Airwall Agents)
      • for supported agents to allow older agents that don't support authentication to log in.
    • Require Airwall agent authentication for Linux servers – Check to enforce authentication for Linux servers. Authentication is not required by default.
    • Retain session on service restart – Check to allow an Airwall Agent to reconnect to a session after it restarts. By default, restarting ends the session.
    • Require owner for Airwall Agent authorization – If checked, once an owner is set for an Airwall Agent, no other person will be able to log in from that Airwall Agent.
    • Auto-assign Airwall agent owner on login – If checked, will assign the first person to log in with an Airwall Agent as the owner.
    • Airwall agent authentication provider – Select Username and password to require Conductor username and password to log in, choose an authentication provider, or choose All authentication providers to allow the user to select how they log in.
    • Session timeout – Set the number of hours before an Airwall Agent times out. Note that changing the session timeout does not affect current sessions.
  7. Click Save.
Note: If you have email settings correctly configured in Settings > Email Settings, and you have a Forgot your Password? link on the Conductor login screen, all users can enter their username and click the link to send a password recovery email to the address associated with that username.

The password recovery email is sent from the address configured in Email settings, so if it is not set up, users will not be able to recover their passwords this way. If the password recovery email does not arrive within 5 minutes, check your spam folder and explicitly allow the address.

For instructions on setting up Conductor Email settings, see Configure Email Settings.