ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > Configuring a Password Security Policy hauv Zimbra

Configuring a Password Security Policy hauv Zimbra

Nrog rau encrypting emails thiab siv tus lej kos npe digital, ib txoj hauv kev zoo tshaj plaws thiab tus nqi qis los tiv thaiv email los ntawm kev nyiag nkas yog txoj cai tswj hwm tus password muaj peev xwm. Cov passwords sau rau ntawm daim ntawv, khaws cia rau hauv cov ntaub ntawv pej xeem, lossis tsuas yog tsis yooj yim txaus yog qhov sib txawv loj hauv kev lag luam cov ntaub ntawv kev ruaj ntseg thiab tuaj yeem ua rau muaj teeb meem loj nrog rau qhov tshwm sim rau kev lag luam. Qhov no yog vim li cas txhua lub lag luam yuav tsum muaj txoj cai tswj hwm tus password nruj.

Configuring a Password Security Policy hauv Zimbra

Txawm li cas los xij, ib tus kws tshaj lij kev ruaj ntseg paub tias txoj cai password tsuas yog coj cov txiaj ntsig thaum nws tsis tsuas yog tshwm sim, tab sis raug saib xyuas los ntawm txhua tus neeg, lossis tsawg kawg yog cov neeg ua haujlwm tseem ceeb ntawm lub koom haum. Ua tiav qhov no yog qhov nyuaj tshaj qhov nws zoo li. Cov neeg ua haujlwm uas twb tau ua haujlwm hnyav dhau los tsis nco qab txog qhov yuav tsum tau hloov lawv tus password, lossis ua txoj hauv kev ntawm kev tiv thaiv tsawg kawg, txhua zaus ua tus password yooj yim dua thiab yooj yim dua, yog li cuam tshuam tag nrho cov txiaj ntsig. Tias yog vim li cas qhov teeb meem ntawm kev ua raws li tus password txoj cai hauv kev lag luam feem ntau yog daws los ntawm ntau yam txuj ci.

Koj tsis tas yuav muaj daim ntawv thov thib peb los tswj koj txoj cai Zimbra password. Qhov no tuaj yeem ua tiav nrog cov cuab yeej built-in.

Ua ntej, nws tsim nyog nkag siab txog kev tswj tus password li cas hauv Zimbra. Thaum tsim ib tus as khauj tshiab, tus thawj tswj hwm muab nws tus password ib ntus. Tom qab ntawd, tus neeg siv yuav muaj peev xwm nkag mus rau hauv tus account thiab hloov tus password. Tag nrho cov passwords tau muab khaws cia rau hauv daim ntawv encrypted ntawm tus neeg rau zaub mov nrog Zimbra thiab, ua tsaug rau qhov no, tsis tuaj yeem nkag mus rau tus thawj tswj hwm server. Yog li ntawd, yog tias tus neeg siv tsis nco qab nws tus password, nws yuav tsum tsim ib qho tshiab. Cia peb nco ntsoov tias kom txog thaum tsis ntev los no, tsim tus password tshiab yuav tsum muaj kev koom tes ntawm tus thawj coj, tab sis qhov tseeb version ntawm Zimbra Creative Suite 8.8.9 ntxiv lub peev xwm rau cov neeg siv los teeb tsa tus password tshiab lawv tus kheej.

Configuring a Password Security Policy hauv Zimbra
Kev teeb tsa tus password tuaj yeem pom nyob rau hauv qhov chaw ntawm ib tus neeg siv thiab pab pawg neeg siv. Koj tuaj yeem configure:

  • Tus password ntev - tso cai rau koj los teeb tsa qhov tsawg kawg nkaus thiab siab tshaj tus password ntev. Los ntawm lub neej ntawd, qhov tsawg kawg nkaus lo lus zais ntev yog 6 cim thiab qhov siab tshaj plaws yog 64.
  • Kev laus tus password - tso cai rau koj los teeb tsa lub sijhawm tom qab uas tus password ua tsis raug. Cov neeg siv tsis tas yuav tos tus password kom tas sijhawm; lawv tuaj yeem hloov nws ua ntej nws tas sijhawm
  • Yam tsawg kawg ntawm cov tsiaj ntawv loj - tso cai rau koj los teeb tsa qhov tsawg kawg nkaus ntawm cov tsiaj ntawv loj siv hauv lo lus zais
  • Yam tsawg kawg ntawm cov cim qis - tso cai rau koj los teeb tsa qhov tsawg kawg nkaus ntawm cov cim qis uas siv rau hauv lo lus zais
  • Yam tsawg kawg nkaus tus lej - tso cai rau koj los teeb tsa tus lej tsawg kawg ntawm 0 txog 9 siv hauv tus password
  • Yam tsawg kawg nkaus cov cim cim - tso cai rau koj los teeb tsa qhov tsawg kawg nkaus ntawm cov cim cim thiab cov cim tshwj xeeb uas siv rau hauv lo lus zais
  • Tiv thaiv tus password keeb kwm - tso cai rau koj los teeb tsa tus lej password kom nco qab kom tus neeg siv tsis tu ncua siv cov passwords sib npaug.
  • Lo lus zais xauv - qhov kev xaiv no tso cai rau koj los tiv thaiv tus neeg siv los hloov tus password
  • Pab kom tsis txhob nkag mus rau hauv kev kaw haujlwm - qhov kev xaiv no tso cai rau koj los teeb tsa qhov system ua li cas nkag mus rau tus password tsis raug

Raws li koj tuaj yeem pom, kev teeb tsa lo lus zais hauv Zimbra yog qhov hloov pauv tau yooj yim thiab tuaj yeem hloov mus rau txoj cai password ntawm yuav luag txhua lub lag luam. Tsis tas li ntawd, los ntawm kev siv cov ntawv yooj yim, koj tuaj yeem teeb tsa kev ceeb toom kom xa mus rau cov neeg siv tias lawv tus password yuav sai sai. Ua tsaug rau qhov kev ceeb toom no, tus neeg ua haujlwm yuav tuaj yeem hloov tus password hauv qhov chaw nyob ntsiag to, thaum xa ntawv ntawm tus neeg ua haujlwm uas tsis nco lub sijhawm hloov tus password tsis qhib thaum sawv ntxov tuaj yeem cuam tshuam tsis zoo rau nws txoj haujlwm.

Txhawm rau kom cov ntawv no ua haujlwm, koj yuav tsum luam nws mus rau ib daim ntawv thiab ua kom cov ntaub ntawv no ua tiav. Nws raug nquahu kom automate qhov kev ua tiav ntawm tsab ntawv no siv Cron kom nws ceeb toom txhua hnub rau cov neeg siv uas tsis tau hloov kho lawv tus password rau lub sijhawm ntev uas nws yuav tsis ua haujlwm sai. Tsis tas li ntawd, hauv tsab ntawv, tsis yog zimbra.server.com, koj yuav tsum hloov lub npe ntawm koj tus kheej sau npe.

#!/bin/bash
# Π—Π°Π΄Π°Π΅ΠΌ ряд ΠΏΠ΅Ρ€Π΅ΠΌΠ΅Π½Π½Ρ‹Ρ…:
# Π‘ΠΏΠ΅Ρ€Π²Π° количСство Π΄Π½Π΅ΠΉ для ΠΏΠ΅Ρ€Π²ΠΎΠ³ΠΎ напоминания, Π·Π°Ρ‚Π΅ΠΌ для послСднСго:
FIRST="3"
LAST="1"
# Π—Π°Π΄Π°Π΅ΠΌ адрСс отправитСля:
FROM="[email protected]"
# Π—Π°Π΄Π°Π΅ΠΌ адрСс получатСля, ΠΊΠΎΡ‚ΠΎΡ€Ρ‹ΠΉ Π±ΡƒΠ΄Π΅Ρ‚ ΠΏΠΎΠ»ΡƒΡ‡Π°Ρ‚ΡŒ письмо со списком Π°ΠΊΠΊΠ°ΡƒΠ½Ρ‚ΠΎΠ² с ΠΈΡΡ‚Π΅ΠΊΡˆΠΈΠΌΠΈ паролями
ADMIN_RECIPIENT="[email protected]"
# Π£ΠΊΠ°Π·Ρ‹Π²Π°Π΅ΠΌ ΠΏΡƒΡ‚ΡŒ ΠΊ исполняСмому Ρ„Π°ΠΉΠ»Ρƒ Sendmail
SENDMAIL=$(ionice -c3 find /opt/zimbra/common/sbin/sendmail* -type f -iname sendmail)
# ΠŸΠΎΠ»ΡƒΡ‡Π°Π΅ΠΌ список всСх ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Π΅ΠΉ.
USERS=$(ionice -c3 /opt/zimbra/bin/zmprov -l gaa $DOMAIN)
# Π£ΠΊΠ°Π·Ρ‹Π²Π°Π΅ΠΌ Π΄Π°Ρ‚Ρƒ с Ρ‚ΠΎΡ‡Π½ΠΎΡΡ‚ΡŒΡŽ Π΄ΠΎ сСкунды:
DATE=$(date +%s)
# ΠŸΡ€ΠΎΠ²Π΅Ρ€ΡΠ΅ΠΌ ΠΊΠ°ΠΆΠ΄ΠΎΠ³ΠΎ ΠΈΠ· Π½ΠΈΡ…:
for USER in $USERS
 do
# Π£Π·Π½Π°Π΅ΠΌ, ΠΊΠΎΠ³Π΄Π° Π±Ρ‹Π» установлСн ΠΏΠ°Ρ€ΠΎΠ»ΡŒ
USERINFO=$(ionice -c3 /opt/zimbra/bin/zmprov ga "$USER")
PASS_SET_DATE=$(echo "$USERINFO" | grep zimbraPasswordModifiedTime: | cut -d " " -f 2 | cut -c 1-8)
PASS_MAX_AGE=$(echo "$USERINFO" | grep "zimbraPasswordMaxAge:" | cut -d " " -f 2)
NAME=$(echo "$USERINFO" | grep givenName | cut -d " " -f 2)
# ΠŸΡ€ΠΎΠ²Π΅Ρ€ΡΠ΅ΠΌ, Π½Π΅Ρ‚ Π»ΠΈ срСди ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»Π΅ΠΉ Ρ‚Π΅Ρ…, Ρƒ ΠΊΠΎΠ³ΠΎ срок дСйствия пароля ΡƒΠΆΠ΅ истСк.
if [[ "$PASS_MAX_AGE" -eq "0" ]]
then
  continue
fi
# ВысчитываСм Π΄Π°Ρ‚Ρƒ окончания дСйствия ΠΏΠ°Ρ€ΠΎΠ»Π΅ΠΉ
EXPIRES=$(date -d  "$PASS_SET_DATE $PASS_MAX_AGE days" +%s)
# Π‘Ρ‡ΠΈΡ‚Π°Π΅ΠΌ, сколько Π΄Π½Π΅ΠΉ ΠΎΡΡ‚Π°Π»ΠΎΡΡŒ Π΄ΠΎ окончания срока дСйствия пароля
DEADLINE=$(( (($DATE - $EXPIRES)) / -86400 ))
# ΠžΡ‚ΠΏΡ€Π°Π²Π»ΡΠ΅ΠΌ письмо ΠΏΠΎΠ»ΡŒΠ·ΠΎΠ²Π°Ρ‚Π΅Π»ΡΠΌ
SUBJECT="$NAME - Π’Π°Ρˆ ΠΏΠ°Ρ€ΠΎΠ»ΡŒ станСт Π½Π΅Π΄Π΅ΠΉΡΡ‚Π²ΠΈΡ‚Π΅Π»ΡŒΠ½Ρ‹ΠΌ Ρ‡Π΅Ρ€Π΅Π· $DEADLINE Π΄Π½Π΅ΠΉ"
BODY="
ЗдравствуйтС, $NAME,
ΠŸΠ°Ρ€ΠΎΠ»ΡŒ вашСго Π°ΠΊΠΊΠ°ΡƒΠ½Ρ‚Π° станСт Π½Π΅Π΄Π΅ΠΉΡΡ‚Π²ΠΈΡ‚Π΅Π»ΡŒΠ½Ρ‹ΠΌ Ρ‡Π΅Ρ€Π΅Π· $DEADLINE Π΄Π½Π΅ΠΉ, ΠŸΠΎΠΆΠ°Π»ΡƒΠΉΡΡ‚Π°, создайтС Π½ΠΎΠ²Ρ‹ΠΉ ΠΊΠ°ΠΊ ΠΌΠΎΠΆΠ½ΠΎ скорСС.
Π’Ρ‹ ΠΌΠΎΠΆΠ΅Ρ‚Π΅ Ρ‚Π°ΠΊΠΆΠ΅ ΡΠΎΠ·Π΄Π°Ρ‚ΡŒ Π½Π°ΠΏΠΎΠΌΠΈΠ½Π°Π½ΠΈΠ΅ ΠΎ смСнС пароля Π² ΠΊΠ°Π»Π΅Π½Π΄Π°Ρ€Π΅ Zimbra.
Π—Π°Ρ€Π°Π½Π΅Π΅ спасибо.
Π‘ ΡƒΠ²Π°ΠΆΠ΅Π½ΠΈΠ΅ΠΌ, IT-ΠΎΡ‚Π΄Π΅Π»
"
# ΠŸΠ΅Ρ€Π²ΠΎΠ΅ ΠΏΡ€Π΅Π΄ΡƒΠΏΡ€Π΅ΠΆΠ΄Π΅Π½ΠΈΠ΅
if [[ "$DEADLINE" -eq "$FIRST" ]]
then
	echo "Subject: $SUBJECT" "$BODY" | $SENDMAIL -f "$FROM" "$USER"
	echo "Reminder email sent to: $USER - $DEADLINE days left"
# ПослСднСС ΠΏΡ€Π΅Π΄ΡƒΠΏΡ€Π΅ΠΆΠ΄Π΅Π½ΠΈΠ΅
elif [[ "$DEADLINE" -eq "$LAST" ]]
then
	echo "Subject: $SUBJECT" "$BODY" | $SENDMAIL -f "$FROM" "$USER"
	echo "Reminder email sent to: $USER - $DEADLINE days left"
# Final
elif [[ "$DEADLINE" -eq "1" ]]
then
    echo "Subject: $SUBJECT" "$BODY" | $SENDMAIL -f "$FROM" "$USER"
	echo "Last chance for: $USER - $DEADLINE days left"
fi
done

Yog li, peb tuaj yeem hais tias Zimbra Collaboration Suite yog qhov tsim nyog txawm tias cov tuam txhab lag luam uas tau siv txoj cai tswj hwm tus password nruj, thiab ua tsaug rau cov haujlwm tsim ua, nws yuav yooj yim heev kom tau txais cov neeg ua haujlwm nruj me ntsis rau nws.

Rau tag nrho cov lus nug ntsig txog Zextras Suite, koj tuaj yeem tiv tauj Zextras Tus Neeg Sawv Cev Katerina Triandafilidi los ntawm email [email tiv thaiv]

Tau qhov twg los: www.hab.com

Ntxiv ib saib