Extended Security Attributes for Principals
You can attach ERA instances to principals to manage several aspects of DCE login and password security. ERAs are available to control
· The level of authentication security required for principal login requests
· Handling of invalid logins
· Strength of principals' passwords as well as generation of passwords for principals
· Handling of login attempts by principals with expired passwords
These ERAs are introduced and explained in the following topics. See Creating and Using Extended Registry Attributes for information on how to use dcecp to attach these ERAs to principals.
More:
Managing Invalid Login Handling
Managing Password Strength and Password Generation