DocumentationRelease Notes
Log In
Documentation

Configuration: System settings

Suggest Edits

Local account settings

Set account lockout options

You can set lockout options, such as lockout threshold and duration.

  1. Select Configuration.
  2. Under Role Based Access, select Local Account Settings.
  3. Under Account Lockout, set the following options:
    • Account Lockout Duration: Sets the number of minutes that the user is locked out after they hit the account lockout threshold. Once this time has elapsed, an attempt will be made to unlock the account during the user's next log in. Setting this value to 0 (zero) requires the account to be manually unlocked by an administrator.
    • Account Lockout Threshold: Sets the number of times a user can try their password before the account is locked out.
    • Account Lockout Reset Interval: Sets the number of minutes after an account is locked due to unsuccessful entry attempts before resetting the lockout counter.
    • Unlock account upon password reset request: When set to Yes, unlocks the account when the Forgot Your Password process is followed by the user. When set to No, the user may reset their password using the Forgot Your Password process, but the account remains locked until an administrator unlocks it.
    • Send lockout notification: When set to Yes, sends a notification to the email address configured in the Lockout Notification Recipients when any account becomes locked out.
    • Lockout notification recipients: Sets the email address where the lockout notification is sent. The Send Lockout Notification switch must be set to Yes for this to be relevant.
  4. Click Update Account Lockout Options.

Set account password history

To set the account password history option:

  1. Select Configuration.
  2. Under Role Based Access, select Local Account Settings.
  3. Under Account Password, set the following option:
    • Enforce Password History: Enter the number of passwords a user must create before an old password can be reused. Enter 0 to not enforce a password history. There are no restrictions on using past passwords when 0 is entered.
  4. Click Update Account Password Options.

Support

Configure the System Event Viewer

You can view recorded system events to assist with troubleshooting issues with BeyondInsight:

  1. In BeyondInsight go to Configuration > Support > System Event Viewer.
  • This screen shows the events recorded and retained as per the System Event Settings.
  • The list of events can be filtered by Event Time and additional filters can be added.
  • On the right, above the column headings, there are icons to refresh and download the list of events, and to modify the appearance of the list, including adding or removing columns.
  • You can sort any column by clicking on the heading. An arrow appears to indicate whether the sort is ascending or descending. Click again to reverse the sort.
  • At the bottom of the list, you can page through the events and set the number to display per page.
  1. To view the full log file entry for any event, click the i at the right end of the event row.

Site options

Configure global website options

You can configure global website settings from the Configuration > System > Site Options page, including:

  • Changing the Login page to include lists of domains and LDAP servers
  • Displaying the Forgot Password link on the Login page
  • Displaying social media links on the Login and About pages
  • Changing the refresh interval for Smart Rules
  • Configuring a pre-login banner to appear to users before logging into the site
  • Configuring session options
  • Turning on language selection
  • Enabling and disabling the requirement to provide an access key when creating, editing, or using discovery scan credentials
  • Creating a global access key to be used for all discovery scan credentials
  • Configuring the maximum number of accounts to display in the Password Safe Accounts grid

Login page options

List domains and LDAP servers on the Login page

Users can log in to the management console using Active Directory or LDAP credentials. When this site setting is enabled, the user can select a domain or LDAP server from the Log in to list. Domain and LDAP server information is based on the Active Directory and LDAP user group information.

ℹ️

Note

The Log in to list is only displayed on the Login page when there are either Active Directory or LDAP user groups created in the management console.

ℹ️

Note

By default, the setting is enabled. If you do not want to display domains or LDAP severs on the Login page, disable the setting.

  1. Under Login Page, uncheck the box to disable Show list of domains/LDAP servers on login page.
  2. Click Update Login Page Options.

You must log out and log back in for the change to take effect.

Disable forgot password link

Users logging into the console using Active Directory credentials cannot use the Forgot Password feature. In this scenario, you can disable the setting so the link is no longer displayed on the Login page.

  1. Under Login Page, uncheck the box to disable Show Forgot Password link on login page.
  2. Click Update Login Page Options.

You must log out and log back in for the change to take effect.

Disable social media links on the Login and About pages

By default, links for Facebook, Twitter, LinkedIn, and YouTube are available at the bottom of the Login page and also on the About page.

  1. Under Login Page, uncheck the box to turn off Show social media links on login and about pages.
  2. Click Update Login Page Options.

You must log out and log back in for the change to take effect.

Change the refresh interval for Smart Rules

Scans can run more efficiently when Smart Rules are set to refresh at longer intervals.

  1. Under General, set the number of minutes for Maximum Smart Rule refresh frequency for asset updates. The default is 60.
  2. Click Update General Options.

Configure a pre-login banner

You can configure a banner to appear to all users upon access to the site.

  1. Under Pre-Login Banner, check the Show banner option to enable it.
  2. Provide a title and message, and then click Update Pre-login Banner Options.

Configure session options

You can configure the following session related options:

  • Session timeout
  • Notification time before session timeout
  • Minimum interval between session extension requests
  • User Quarantine Cache refresh interval

Configure global discovery credential access keys

When the Require a Discovery Credential Key option is enabled, all discovery credentials require the global credential access key. Enable the option, and then enter a Global Credential Key.

ℹ️

Note

You may still set a custom key on individual credentials to something other than the default.

When the Require a Discovery Credential Key option is disabled, all discovery credentials do not require an access key and all previously configured credential keys (including custom keys) are deleted.

ℹ️

Note

These settings apply to ALL discovery credentials for ALL tenants.

Configure the number of accounts to display in the Password Safe Accounts grid

You can set the number of accounts to display in the Password Safe Accounts grid search results. The default value of this option is 1,000 accounts , with a minimum limit of 100 accounts and a maximum of 10,000.

  1. Under Password Safe Portal, select the maximum number of accounts to display in the grid.
  2. Click Update Password Safe Portal Options.

Updated 6 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.