I think there is some basic functionality in ARS but it really gets beefed up in ITSM 7, and I think some more in ARS 7.1.0. There's no reason a smart guy couldn't build himself what Remedy built on those platforms, so you wouldn't need to install ITSM 7 to get the functionality contained therein.
Rick On 12/6/07, patrick zandi <[EMAIL PROTECTED]> wrote: > > ** Remedy does have this option -- forgot which version it starts with --- > I believe 7.0 > you can set the number of bad password attempts.. it then sets a flag in > the AD server on your account. > and even if the account is unlocked in AD it is not unlocked in Remedy > yet. > To reset it you need to change the flag in AD on their account.. > > On Dec 6, 2007 4:51 PM, Durrant, Michael M. - ITSD <[EMAIL PROTECTED]> wrote: > > > ** Our security team posed this question to me earlier: > > > > What prevents someone from brute forcing a Remedy user account > > password? > > > > In response I said, "Uhhhh.... great question!" > > > > When using the builtin NTLM authentication (Cross Ref Blank Password in > > Server Information -> External Authentication) in Remedy, AD prevents it by > > locking out accounts after 3 unsuccessful login attempts. As far as I can > > tell, Remedy does nothing in this regard for application accounts. Has > > anyone else experienced this issue? > > > > Thanks! > > > > Michael > > The information contained in this email may be privileged, confidential > > or otherwise protected from disclosure. All persons are advised that they > > may face penalties under state and federal law for sharing this information > > with unauthorized individuals. If you received this email in error, please > > reply to the sender that you have received this information in error. Also, > > please delete this email after replying to the sender. > > __20060125_______________________This posting was submitted with HTML in > > it___ > > > > > -- > Patrick Zandi __20060125_______________________This posting was submitted > with HTML in it___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: www.rmsportal.com ARSlist: "Where the Answers Are"
