2.2.2.2.10.8 PassphrasePolicy Object

Article
10/15/2020

The following specifies the PassphrasePolicy object schema:

 <xs:schema xmlns:g="urn:groove.net" attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="urn:groove.net" xmlns:xs="http://www.w3.org/2001/XMLSchema">
  
 <xs:element name="fragment">
  <xs:complexType>
  <xs:sequence>
   <xs:element name="ManagedObject">
   <xs:complexType>
    <xs:sequence>
    <xs:element name="Header" type="ObjectHeaderType"/>
    <xs:element name="Body">
     <xs:complexType>
     <xs:sequence>
      <xs:element name="Policy">
      <xs:complexType>
       <xs:sequence>
       <xs:element name="Age" minOccurs="0">
        <xs:complexType>
        <xs:attribute name="Max" type="xs:double"/>
        </xs:complexType>
       </xs:element>
       <xs:element name="History" minOccurs="0">
        <xs:complexType>
        <xs:attribute name="Count" type="xs:int"/>
        </xs:complexType>
       </xs:element>
       <xs:element name="Strength" minOccurs="0">
        <xs:complexType>
        <xs:attribute name="Flags" type="xs:int"/>
        <xs:attribute name="MinTotalChars" type="xs:int"/>
        </xs:complexType>
       </xs:element>
       <xs:element name="Lockout" minOccurs="0">
        <xs:complexType>
        <xs:attribute name="Flags" type="xs:int"/>
        </xs:complexType>
       </xs:element>
       <xs:element name="Reset" minOccurs="0">
        <xs:complexType>
        <xs:attribute name="Text" type="xs:string"/>
        </xs:complexType>
       </xs:element>
       <xs:element name="DelayLockout" minOccurs="0">
        <xs:complexType>
        <xs:attribute name="Duration" type="xs:int"/>
        <xs:attribute name="LockoutFlag" type="xs:int"/>
        <xs:attribute name="Threshold" type="xs:int"/>
        <xs:attribute name="Vector" type="xs:string"/>
        </xs:complexType>
       </xs:element>
       </xs:sequence>
       <xs:attribute name="Flags" type="xs:int"/>
      </xs:complexType>
      </xs:element>
     </xs:sequence>
     <xs:attribute name="ComponentResourceURL" type="xs:string" use="required"/>
     </xs:complexType>
    </xs:element>
    <xs:element name="Signatures">
     <xs:complexType>
     <xs:sequence>
      <xs:element name="Signature" type="ObjectSignatureType"/>
     </xs:sequence>
     </xs:complexType>
    </xs:element>
    </xs:sequence>
    <xs:attribute name="Version" type="xs:string" use="required"/>
   </xs:complexType>
   </xs:element>
  </xs:sequence>
  </xs:complexType>
 </xs:element>
  
 </xs:schema>

The ObjectHeaderType and the ObjectSignatureType are specified in sections 2.2.2.2.12 and 2.2.2.2.13.

The following table describes the elements and attributes:

XPath	Description
/fragment	Fragment element
/fragment/ManagedObject/@Version	The attribute value MUST be "0,0,0,0".
/fragment/ManagedObject/Header	Object header element
/fragment/ManagedObject/Body	Object body element
/fragment/ManagedObject/Body/@ComponentResourceURL	The value MUST be "http://components.groove.net/Groove/Components/Root.osd?Package=net.groove.Groove.SystemComponents.GrooveAccountMgr_DLL&Version=0&Factory=PassphrasePolicy".
/fragment/ManagedObject/Body/Policy	Policy element
/fragment/ManagedObject/Body/Policy/@Flags	The value can be one of the following values: 0x00: Do not apply any of the following options. 0x01: Client cannot memorize Passphrase. 0x02: Client cannot use password hints.
/fragment/ManagedObject/Body/Policy/Age	Password age element. The server omits if no password age policy
/fragment/ManagedObject/Body/Policy/Age/@Max	Can contain maximum age of password in milliseconds.
ManagedObject/Body/Policy/History	Password history element. The server omits if no password history policy.
ManagedObject/Body/Policy/History/@Count	Can contain number of password to be maintained in password history list
ManagedObject/Body/Policy/Strength	Password strength element. The server omits if no password strength policy.
ManagedObject/Body/Policy/Strength/@Flags	The value can be one of following values or a value produced by using a bitwise OR operation on two or more of the following values: 0x00: Password does not need to satisfy any of the following requirements. 0x01: Password MUST contain at least one alpha character. 0x02: Password MUST contain at least one numeric character. 0x04: Password MUST contain mixed case alphanumeric characters. 0x08: Password MUST contain at least one punctuation symbol.
ManagedObject/Body/Policy/Strength/@MinTotalChars	Can contain minimum length of the Password
ManagedObject/Body/Policy/Lockout	MUST be ignored by the client. Omit if no password lockout policy.
ManagedObject/Body/Policy/Lockout/@Flags	MUST be ignored by the client.
ManagedObject/Body/Policy/Reset	Reset element. The server omits if no password reset policy.
ManagedObject/Body/Policy/Reset/@Text	Can contain instructions for manual password reset
ManagedObject/Body/Policy/DelayLockOut	Delay lockout element. The server omits if no delayed lockout policy.
ManagedObject/Body/Policy/DelayLockOut/@Duration	Can contain lockout duration in seconds
ManagedObject/Body/Policy/DelayLockOut/@LockoutFlag	The value can be: 0x01: enable default lockout
ManagedObject/Body/Policy/DelayLockout/@Threshold	The value can be a value between 0 and 1000.
ManagedObject/Body/Policy/DelayLockOut/@Vector	See section 3.2.5.1.4 for details on generating delay lockout vector string.
/fragment/ManagedObject/Signatures	Signatures element
/fragment/ManagedObject/Signatures/Signature	Signature element

2.2.2.2.10.8 PassphrasePolicy Object

Additional resources