DOCUMENT LIBRARY

CLI Reference

Using the CLI
config
execute
- backup
- backup-restore
- blocklist
- certificate
- checklogdisk
- checkmaildisk
- cleanqueue
- create
- date
- db
- dlp
- endpoint
- erase-filesystem
- factoryreset
- factoryreset config
- factoryreset config2
- factoryreset disk
- factoryreset keeplicense
- factoryreset shutdown
- factoryreset2
- factoryreset2 keeplicense
- fips
- formatlogdisk
- formatmaildisk
- formatmaildisk-backup
- forticloud
- ha commands
- ibe data
- ibe user
- license
- lvm
- maintain
- nslookup
- partitionlogdisk
- ping
- ping-option
- ping6
- ping6-option
- raid
- reboot
- reload
- restore as
- restore av
- restore config
- restore image
- restore mail-queues
- safelist
- sched-backup
- shutdown
- smtptest
- ssh
- storage
- telnettest
- traceroute
- update
- user-config
- vm
get
- system performance
- system status
show & show full-configuration
Change Log

Home FortiMail 7.2.0 CLI Reference

7.2.0

system password-policy

system password-policy

Use this command to configure password policy for administrators, FortiMail Webmail users, and IBE encrypted email users.

Syntax

config system password-policy

set status {enable | disable}

set apply-to {admin-user | ibe-user | local-mail-user}

set minimum-length <minimum_int>

set must-contain {upper-case-letter | lower-case-letter | number | non-alphanumeric}

set allow-admin-empty-password {enable | disable}

end

Variable	Description	Default
status {enable \| disable}	Select to enable the password policy.
apply-to {admin-user \| ibe-user \| local-mail-user}	Select where to apply the password policy: `admin_user`: Apply to administrator passwords. If any password does not conform to the policy, require that administrator to change the password at the next login. `local-mail-user`: Apply to FortiMail webmail users’ passwords. If any password does not conform to the policy, require that user to change the password at the next login. `ibe-user`: Apply to the passwords of the users who access the FortiMail unit to view IBE encrypted email. If any password does not conform to the policy, require that user to change the password at the next login.
minimum-length <minimum_int>	Set the minimum acceptable length for passwords.	8
must-contain {upper-case-letter \| lower-case-letter \| number \| non-alphanumeric}	Select any of the following special character types to require in a password. Each selected type must occur at least once in the password. upper-case-letter — A, B, C, ... Z lower-case-letter — a, b, c, ... z number — 0, 1, 2, 3, 4, 5, 6, 7 8, 9 non-alphanumeric — punctuation marks, @,#, ... %
allow-admin-empty-password {enable \| disable}	Enable to allow the admin password to be empty.	disable

Related topics

system link-monitor

Previous

Next

system password-policy

system password-policy

Use this command to configure password policy for administrators, FortiMail Webmail users, and IBE encrypted email users.

Syntax

config system password-policy

set status {enable | disable}

set apply-to {admin-user | ibe-user | local-mail-user}

set minimum-length <minimum_int>

set must-contain {upper-case-letter | lower-case-letter | number | non-alphanumeric}

set allow-admin-empty-password {enable | disable}

end

Variable	Description	Default
status {enable \| disable}	Select to enable the password policy.
apply-to {admin-user \| ibe-user \| local-mail-user}	Select where to apply the password policy: `admin_user`: Apply to administrator passwords. If any password does not conform to the policy, require that administrator to change the password at the next login. `local-mail-user`: Apply to FortiMail webmail users’ passwords. If any password does not conform to the policy, require that user to change the password at the next login. `ibe-user`: Apply to the passwords of the users who access the FortiMail unit to view IBE encrypted email. If any password does not conform to the policy, require that user to change the password at the next login.
minimum-length <minimum_int>	Set the minimum acceptable length for passwords.	8
must-contain {upper-case-letter \| lower-case-letter \| number \| non-alphanumeric}	Select any of the following special character types to require in a password. Each selected type must occur at least once in the password. upper-case-letter — A, B, C, ... Z lower-case-letter — a, b, c, ... z number — 0, 1, 2, 3, 4, 5, 6, 7 8, 9 non-alphanumeric — punctuation marks, @,#, ... %
allow-admin-empty-password {enable \| disable}	Enable to allow the admin password to be empty.	disable

Related topics

system link-monitor

Previous

Next