For security, our company want me to set a warning for every user who needs to change their password every 30 days, and also want to restrict their password, like must more than 6 bit or must start with a capital word something like that.
I don't know whether I can do that in Qlikview Server or using js, if can, how to do that?
No you cannot. But that is new information so my previous replies do not apply to your situation (it's always better to give those details from the start in your Original Post, makes discussions shorter and more to the point)
Custom directory operates its own list of user definitions which can only be managed from inside the QMC or from custom applications. You cannot mix Custom Directory with AD or any standard premission system like NTFS, simply because for example Custom Directory users do not exist in NTFS or AD. They only exist inside QlikView.
Actually, I think you answered your own question here (last sentence): Re: Can I restrict user password or give a warning for changing the password every 30 days?
You should indeed talk to your web developer. One big advantage of a system like Custom Directory is that you can extend it yourself. However, to do that you'll need someone with web programming experience, like you said yourself.
Custom Directory users are defined in an xml file called C:\ProgramData\QlikTech\DirectoryServiceConnector\CustomDirectoryData.xml. There is no tag that stores the timestamp of definition or last password change, but that can be compensated by either requesting password changes on a fixed date (for example, every first of the month) or by storing password expiry dates in a new xml file and letting the login page handle the data from these two.
Can you start searching on JS Validation for form in html
Would you mind, Can you share your login file and path where this situated in (please hide username)
And then Look Attachment
Thank you so much for your script.
But I'm not familiar with the PHP, and don't know how to use it...
And the login file you mentioned, do you mean the session file of my qlikview server?
could you please give an example for that?
In fact, I am not familiar with Server end. I am fully into design anyway, for understand, I am expecting Access point custom Login.html page`(Figure it out, Usually they used as base the default "C:\Program Files\QlikView\Web" folder to create the folder for Login)
I am referring the same one.
I assume you are using USERID/PASSWORD for opening QV documents. There is no support for password policy enforcement for the Qlikview USERID. This is only suitable for the most elementary security scenarios. You could possibly build your own policy enforcement outside of Qlikview, although the passwords will still go over the network in plain text.
Are your users on a Windows domain? You would be better off using NTNAME rather than UserID. Then you can enforce password policies through Active Directory and the passwords will not be visible anywhere and will not be sent in plain text over the network.
Thanks for reply. I'm using the NTNAME to do the section access, but I'm using the Custom Directory, not AD.
And yes, we are on Windows domain.
So maybe I only can try to do it from outside, so do you mean I need to use js or web method to restrict it when I login?
Yes, actually I change the login.html, but only for the UI, like font color. But I don't know whether I can restrict the password when I do the login.
Anyway maybe I need to ask our web developer, thanks!
Since you are using AD to authenticate your users, you need to configure AD in such a way that
You should talk to your SysAdmin about this.