Symantec Privileged Access Management

Hello Team,

We want to apply password policy on the Unix based servers. Can we achieve below with seos:

1) "Password must not contain:
Password must not contain:userID or CommonName (CN)
o Display Name
o Full Name
o Given Name
o Surname"

2) Accounts must be disabled (locked out) after five (5) unsuccessful authentication attempts (lockout threshold) for a period of 15 minutes (lockout duration). Lockout duration and lockout threshold could differ in certain situations such as remote access. Where they differ, the values must be specified in the control review for the information system and must not be less restrictive than the requirements set above. If this functionality is not provided by the operating system, an acceptable compensating control is disconnecting the session after the unsuccessful access attempts.

Any help would be appreciated. 

Thanks.

You can use the PUPM feature tor creating a Password Policy

Create a Password Policy - CA Privileged Identity Manager - 12.9.02 - CA Technologies Documentation 

This allows a more sophisticated setup than the Password Policy on the PIM endpoint itself

Endpoint Policies Configuration - CA Privileged Identity Manager - 12.9.02 - CA Technologies Documentation 

Account lockout you can configure using the serevu feature

serevu Utility Handle Unsuccessful Login Attempts - CA Privileged Identity Manager - 12.9.02 - CA Technologies Documenta…