Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 7

Identity and Access Management Requests

The following security requests must be made in the accounts on the Solarwinds application.We ask for your help. Thank you.
a) Regarding unsuccessful authentication attempts, if unsuccessful attempts exceed a certain number, blocking the access of the relevant user, (For 5 false attempts, the account will be locked for 15 minutes)
b) Failure to inform the person who performed the attempt after unsuccessful authentication attempts, regarding the incorrectly entered username or password, that such a username is not in the system or that the password has been entered incorrectly, (Your username or password should not be displayed incorrectly)
c) Terminating or locking the session after a certain period of time for inactive sessions, (idle timeout 15 min)
d) If more than one user can use the same user account or if a user can log in different sessions at the same time, the information security officer does not allow this and warns the user in case of attempts to log in more than once for the same user. (If there is more than one session, either the user will not be allowed in, or the previous session will end)

Labels (4)
0 Kudos
1 Reply

a) Not available at all if you use local accounts, if you use windows or SAML auth then Orion just piggybacks off whatever your account lockout policy is through those.

b) Logon failures already give a generic message without those details "Login failure. User name and/or password incorrect." 

c) Under the website settings you can control the idle time out

d) No such capability exists in the tool, if you give it valid creds then it will let you open as many sessions as you want as they don't centrally track session state that way.

- Marc Netterfield, Github
0 Kudos