{ "$schema": "http://json-schema.org/draft-07/schema#", "properties": { "USERS": { "configDescription": "DESC_USERS", "type": "object", "visibility": "AlwaysHide", "additionalProperties": { "type": "object", "configDescription": "DESC_USER", "properties": { "PASSWORD": { "type": "string", "default": "" }, "SALT": { "type": "string", "format": "base64", "default": "" }, "ALGORITHM": { "type": "integer", "default": 0, "enum": [ 0, 1 ], "options": [ { "label": "SHA256", "value": 0 }, { "label": "PBKDF2-HMAC-64-SHA512-1000", "value": 1 } ] }, "SECRET": { "type": "object", "properties": { "value": { "type": "string" }, "iv": { "type": "string" }, "algorithm": { "type": "integer", "default": 0, "enum": [ 0 ], "options": [ { "label": "SHA1", "value": 0 } ] }, "configuration": { "type": "integer", "default": 0, "enum": [ 0 ], "options": [ { "label": "google-authenticator", "value": 0 } ] } } }, "TWO_FACTOR_AUTHENTICATION_ENABLED": { "type": "boolean", "default": false }, "ENABLED": { "type": "boolean", "default": true }, "LAST_PASSWORD_CHANGE": { "type": "string", "format": "date-time" }, "PASSWORD_HISTORY": { "type": "array", "items": { "type": "object", "properties": { "hash": { "type": "string" }, "salt": { "type": "string", "format": "base64" }, "algorithm": { "type": "integer", "enum": [ 0, 1 ] } }, "required": [ "hash", "salt", "algorithm" ] }, "default": [] } }, "additionalProperties": false, "required": [ "PASSWORD", "SALT", "ALGORITHM", "ENABLED", "TWO_FACTOR_AUTHENTICATION_ENABLED" ] }, "default": { "__SystemGuest": { "PASSWORD": "", "SALT": "", "ENABLED": true }, "__SystemUser": { "PASSWORD": "", "SALT": "", "ENABLED": true }, "__SystemAdministrator": { "PASSWORD": "", "SALT": "", "ENABLED": false } }, "required": [ "__SystemAdministrator" ] }, "PASSWORD_MINIMUM_LENGTH": { "configDescription": "DESC_PASSWORD_MINIMUM_LENGTH", "type": "integer", "minimum": 1, "default": 1 }, "PASSWORD_ENABLE_AGING": { "configDescription": "DESC_PASSWORD_ENABLE_AGING", "type": "boolean", "default": false }, "PASSWORD_MAXIMUM_AGE": { "configDescription": "DESC_PASSWORD_MAXIMUM_AGE", "type": "string", "format": "timespan", "default": "P90D" }, "PASSWORD_BLACKLIST": { "configDescription": "DESC_PASSWORD_BLACKLIST", "type": "string", "format": "multiline", "default": "" }, "PASSWORD_FORCE_COMPLEX": { "configDescription": "DESC_PASSWORD_FORCE_COMPLEX", "type": "integer", "default": 0, "enum": [ 0, 1 ], "options": [ { "label": "ENUM_NO_COMPLEXITY_RULES", "value": 0 }, { "label": "ENUM_GMP_COMPLEXITY_RULES", "value": 1 } ] }, "PASSWORD_HISTORY_SIZE": { "configDescription": "DESC_PASSWORD_HISTORY_SIZE", "type": "integer", "minimum": 0, "maximum": 10000, "default": 0, "visibility": "HideInEngineering" }, "MAX_INVALID_LOGIN_ATTEMPTS": { "allOf": [ { "$ref": "tchmi:general#/definitions/UINT" } ], "description": "DESC_MAX_INVALID_LOGIN_ATTEMPTS", "visibility": "HideInEngineering", "default": 0 }, "EXCLUDE_SYSTEM_ADMINISTRATOR_FROM_LOCKOUT": { "description": "DESC_EXCLUDE_SYSTEM_ADMINISTRATOR_FROM_LOCKOUT", "type": "boolean", "default": false, "visibility": "HideInEngineering" }, "ENABLE_TWO_FACTOR_AUTHENTICATION": { "configDescription": "DESC_ENABLE_TWO_FACTOR_AUTHENTICATION", "type": "integer", "enum": [ 0, 1, 2 ], "options": [ { "label": "ALWAYS_OFF_2FA", "value": 0 }, { "label": "ALWAYS_ON_2FA", "value": 1 }, { "label": "REMOTE_2FA", "value": 2 } ] } }, "additionalProperties": false, "type": "object", "required": [ "USERS", "PASSWORD_MINIMUM_LENGTH", "PASSWORD_ENABLE_AGING", "PASSWORD_MAXIMUM_AGE", "PASSWORD_BLACKLIST", "PASSWORD_FORCE_COMPLEX", "PASSWORD_HISTORY_SIZE", "MAX_INVALID_LOGIN_ATTEMPTS", "EXCLUDE_SYSTEM_ADMINISTRATOR_FROM_LOCKOUT" ] }