A quick test shows that the maximum length field in the password composition policy is limited to a max of 255.
Minimum length is 1
Considering that every target application will have a composition policy assigned, and that it validates any password entered against said policy, it is pretty safe to say that the maximum is 255 characters.
The "Maximum Password Age Days: field let me enter 15 nines (999,999,999,999,999)... on the 16th it changed the number to 10,000,000,000,000,000, but it would still let me add zeros after that, even converting the number entered to scientific notation. I estimate the upper limit is somewhere in the neighborhood of the end of the universe.
Original Message:
Sent: 06-17-2020 10:22 AM
From: Mark Harris
Subject: Settings on credential manager
Thanks for the information, but already have that. Apart from notes on the limits imposed by external applications, I need to know what is the min and max of all password information that PAM supports.
e.g. What is the maximum length password that PAM supports and the max amount of days until password change.
Original Message:
Sent: 06-17-2020 09:56 AM
From: Joseph Fry
Subject: Settings on credential manager
Is this what your looking for?
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-4/implementing/protect-privileged-account-credentials/set-up-password-composition-and-view-policies/construct-password-composition-policies.html
Or are you looking for what range of values PAM allows for min/max password length? For that you might need to do some testing. Considering that the password field can also be used for encryption keys, I suspect the upper range is in the thousands of characters but I have never tried anything nearly so large.
Original Message:
Sent: 06-16-2020 10:51 AM
From: Mark Harris
Subject: Settings on credential manager
Would someone have a document listing the minimum and maximum setting range for credential manager on PAM. I need things like max password length and range of password expiry.
Documentation mentions only the features not their ranges.
Thanks