AccountsService
Description
This resource shall represent an account service for a Redfish implementation. The properties are common to, and enable management of, all user accounts. The properties include the password requirements and control features, such as account lockout. Properties and actions in this service specify general behavior that should be followed for typical accounts, however implementations may override these behaviors for special accounts or situations to avoid denial of service or other deadlock situations.
Fields
| Field | Type | Description |
|---|---|---|
@odata.context | string | The OData description of a payload. |
@odata.etag | string | The current ETag of the resource. |
@odata.id | string | The unique identifier for a resource. |
@odata.type | string | The type of a resource. |
AccountLockoutCounterResetAfter | integer | This property shall contain the period of time, in seconds, since the last failed login attempt when the AccountLockoutThreshold counter, which counts the number of failed login attempts, is reset to 0. Then, AccountLockoutThreshold failures are required before the account is locked. This value shall be less than or equal to the AccountLockoutDuration value. A reset sets the counter to 0. |
AccountLockoutCounterResetEnabled | boolean | This property shall indicate whether the threshold counter is reset after AccountLockoutCounterResetAfter expires. If true, it is reset. If false, only a successful login resets the threshold counter and if the user reaches the AccountLockoutThreshold limit, the account shall be locked out indefinitely and only an administrator-issued reset clears the threshold counter. If this property is absent, the default is true. |
AccountLockoutDuration | integer | This property shall contain the period of time, in seconds, that an account is locked after the number of failed login attempts reaches the account lockout threshold, within the period between the last failed login attempt and the reset of the lockout threshold counter. This value shall be greater than or equal to the AccountLockoutCounterResetAfter value. If 0, no lockout will occur. If this property is not supported by the service, the client shall not expect any value in this property to have an effect on the behavior of the service. |
AccountLockoutThreshold | integer | This property shall contain the threshold of failed login attempts before a user account is locked for a specified duration. If 0, the account shall never be locked as a result of failed login attempts. |
Accounts | AccountCollection | This property shall contain a link to a resource collection of type ManagerAccountCollection. |
ActiveDirectory | ExternalAccountProvider | This property shall contain the first Active Directory external account provider that this account service supports. |
AdditionalExternalAccountProviders | ExternalAccountProviderCollection | This property shall contain a link to a resource collection of type ExternalAccountProviderCollection that represents the additional external account providers that this account service uses. |
Description | string | The description of this resource. Used for commonality in the schema definitions. |
Id | string | The unique identifier for this resource within the collection of similar resources. |
LDAP | ExternalAccountProvider | This property shall contain the first LDAP external account provider that this account service supports. |
LocalAccountAuth | string | This property shall govern how the service uses the accounts collection within this account service as part of authentication. |
MaxPasswordLength | integer | This property shall contain the maximum password length that the implementation allows for this account service. This property does not apply to accounts from external account providers. |
MinPasswordLength | integer | This property shall contain the minimum password length that the implementation allows for this account service. This property does not apply to accounts from external account providers. |
Name | string | The name of the resource or array member. |
OAuth2 | ExternalAccountProvider | This property shall contain the first OAuth 2.0 external account provider that this account service supports. |
Oem | object | The OEM extension property. |
PasswordExpirationDays | integer | This property shall contain the number of days after which a password expires. The value shall be null if the password never expires. This property does not apply to accounts from external account providers. |
PrivilegeMap | PrivilegeRegistry | This property shall contain a link to a resource of type PrivilegeRegistry that represents the privilege mappings for this service. |
Roles | RoleCollection | This property shall contain a link to a resource collection of type RoleCollection. |
ServiceEnabled | boolean | This property shall indicate whether the account service is enabled. If true, it is enabled. If false, it is disabled and users cannot be created, deleted, or modified, and new sessions cannot be started. However, established sessions might still continue to run. Any service, such as the session service, that attempts to access the disabled account service fails. However, this does not affect HTTP Basic Authentication connections. |
Status | Status | This property shall contain any status or health properties of the resource. |
SupportedAccountTypes | array | This property shall contain an array of the account types supported by this account service. |
SupportedOEMAccountTypes | array | This property shall contain an array of the OEM account types supported by this account service. |
TACACSplus | ExternalAccountProvider | This property shall contain the first TACACS+ external account provider that this account service supports. |