2.2.2.2.10.8 PassphrasePolicy Object
The following specifies the PassphrasePolicy object schema:
-
<xs:schema xmlns:g="urn:groove.net" attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="urn:groove.net" xmlns:xs="http://www.w3.org/2001/XMLSchema"> <xs:element name="fragment"> <xs:complexType> <xs:sequence> <xs:element name="ManagedObject"> <xs:complexType> <xs:sequence> <xs:element name="Header" type="ObjectHeaderType"/> <xs:element name="Body"> <xs:complexType> <xs:sequence> <xs:element name="Policy"> <xs:complexType> <xs:sequence> <xs:element name="Age" minOccurs="0"> <xs:complexType> <xs:attribute name="Max" type="xs:double"/> </xs:complexType> </xs:element> <xs:element name="History" minOccurs="0"> <xs:complexType> <xs:attribute name="Count" type="xs:int"/> </xs:complexType> </xs:element> <xs:element name="Strength" minOccurs="0"> <xs:complexType> <xs:attribute name="Flags" type="xs:int"/> <xs:attribute name="MinTotalChars" type="xs:int"/> </xs:complexType> </xs:element> <xs:element name="Lockout" minOccurs="0"> <xs:complexType> <xs:attribute name="Flags" type="xs:int"/> </xs:complexType> </xs:element> <xs:element name="Reset" minOccurs="0"> <xs:complexType> <xs:attribute name="Text" type="xs:string"/> </xs:complexType> </xs:element> <xs:element name="DelayLockout" minOccurs="0"> <xs:complexType> <xs:attribute name="Duration" type="xs:int"/> <xs:attribute name="LockoutFlag" type="xs:int"/> <xs:attribute name="Threshold" type="xs:int"/> <xs:attribute name="Vector" type="xs:string"/> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Flags" type="xs:int"/> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="ComponentResourceURL" type="xs:string" use="required"/> </xs:complexType> </xs:element> <xs:element name="Signatures"> <xs:complexType> <xs:sequence> <xs:element name="Signature" type="ObjectSignatureType"/> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> <xs:attribute name="Version" type="xs:string" use="required"/> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:schema>
The ObjectHeaderType and the ObjectSignatureType are specified in sections 2.2.2.2.12 and 2.2.2.2.13.
The following table describes the elements and attributes:
XPath |
Description |
---|---|
/fragment |
Fragment element |
/fragment/ManagedObject/@Version |
The attribute value MUST be "0,0,0,0". |
/fragment/ManagedObject/Header |
Object header element |
/fragment/ManagedObject/Body |
Object body element |
/fragment/ManagedObject/Body/@ComponentResourceURL |
The value MUST be "http://components.groove.net/Groove/Components/Root.osd?Package=net.groove.Groove.SystemComponents.GrooveAccountMgr_DLL&Version=0&Factory=PassphrasePolicy". |
/fragment/ManagedObject/Body/Policy |
Policy element |
/fragment/ManagedObject/Body/Policy/@Flags |
The value can be one of the following values: 0x00: Do not apply any of the following options. 0x01: Client cannot memorize Passphrase. 0x02: Client cannot use password hints. |
/fragment/ManagedObject/Body/Policy/Age |
Password age element. The server omits if no password age policy |
/fragment/ManagedObject/Body/Policy/Age/@Max |
Can contain maximum age of password in milliseconds.
|
ManagedObject/Body/Policy/History |
Password history element. The server omits if no password history policy. |
ManagedObject/Body/Policy/History/@Count |
Can contain number of password to be maintained in password history list |
ManagedObject/Body/Policy/Strength |
Password strength element. The server omits if no password strength policy. |
ManagedObject/Body/Policy/Strength/@Flags |
The value can be one of following values or a value produced by using a bitwise OR operation on two or more of the following values: 0x00: Password does not need to satisfy any of the following requirements. 0x01: Password MUST contain at least one alpha character. 0x02: Password MUST contain at least one numeric character. 0x04: Password MUST contain mixed case alphanumeric characters. 0x08: Password MUST contain at least one punctuation symbol. |
ManagedObject/Body/Policy/Strength/@MinTotalChars |
Can contain minimum length of the Password |
ManagedObject/Body/Policy/Lockout |
MUST be ignored by the client. Omit if no password lockout policy. |
ManagedObject/Body/Policy/Lockout/@Flags |
MUST be ignored by the client. |
ManagedObject/Body/Policy/Reset |
Reset element. The server omits if no password reset policy. |
ManagedObject/Body/Policy/Reset/@Text |
Can contain instructions for manual password reset |
ManagedObject/Body/Policy/DelayLockOut |
Delay lockout element. The server omits if no delayed lockout policy. |
ManagedObject/Body/Policy/DelayLockOut/@Duration |
Can contain lockout duration in seconds |
ManagedObject/Body/Policy/DelayLockOut/@LockoutFlag |
The value can be: 0x01: enable default lockout |
ManagedObject/Body/Policy/DelayLockout/@Threshold |
The value can be a value between 0 and 1000. |
ManagedObject/Body/Policy/DelayLockOut/@Vector |
See section 3.2.5.1.4 for details on generating delay lockout vector string. |
/fragment/ManagedObject/Signatures |
Signatures element |
/fragment/ManagedObject/Signatures/Signature |
Signature element |