Documentation for Open Vulnerability and Assessment Language (OVAL®)
Definition Type: Element
Name: lockoutpolicy_state
Namespace: http://oval.mitre.org/XMLSchema/oval-definitions-5#windows
Type: oval-def:StateType
Containing Schema: windows-definitions-schema.xsd
Abstract
Documentation:
The lockoutpolicy_state element specifies the various attributes associated with lockout information for users and global groups in the security database. A lockout policy test will reference a specific instance of this state that defines the exact settings that need to be evaluated. Please refer to the individual elements in the schema for more details about what each represents.
Collapse XSD Schema Diagram:
Drilldown into lockout_threshold in schema windows-definitions-schema_xsd Drilldown into lockout_observation_window in schema windows-definitions-schema_xsd Drilldown into lockout_duration in schema windows-definitions-schema_xsd Drilldown into force_logoff in schema windows-definitions-schema_xsd Drilldown into notes in schema oval-definitions-schema_xsd Drilldown into Signature in schema xmldsig-core-schema_xsd Drilldown into deprecated in schema oval-definitions-schema_xsd Drilldown into comment in schema oval-definitions-schema_xsd Drilldown into operator in schema oval-definitions-schema_xsd Drilldown into version in schema oval-definitions-schema_xsd Drilldown into id in schema oval-definitions-schema_xsd Drilldown into StateType in schema oval-definitions-schema_xsdXSD Diagram of lockoutpolicy_state in schema windows-definitions-schema_xsd (Open Vulnerability and Assessment Language (OVAL®))
Collapse XSD Schema Code: 
<xsd:element name="lockoutpolicy_state" substitutionGroup="oval-def:state">
    <xsd:annotation>
        <xsd:documentation>The lockoutpolicy_state element specifies the various attributes associated with lockout information for users and global groups in the security database. A lockout policy test will reference a specific instance of this state that defines the exact settings that need to be evaluated. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
    </xsd:annotation>
    <xsd:complexType>
        <xsd:complexContent>
            <xsd:extension base="oval-def:StateType">
                <xsd:sequence>
                    <xsd:element name="force_logoff" type="oval-def:EntityStateIntType" minOccurs="0">
                        <xsd:annotation>
                            <xsd:documentation>Specifies, in seconds, the amount of time between the end of the valid logon time and the time when the user is forced to log off the network. A value of TIMEQ_FOREVER (-1) indicates that the user is never forced to log off. A value of zero indicates that the user will be forced to log off immediately when the valid logon time expires. See the USER_MODALS_INFO_0 structure returned by a call to NetUserModalsGet().</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="lpsteforce_logoff" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="win-def:lockoutpolicy_state/win-def:force_logoff">
                                        <sch:assert test="@datatype='int'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the force_logoff entity of a lockoutpolicy_state should be 'int'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="lockout_duration" type="oval-def:EntityStateIntType" minOccurs="0">
                        <xsd:annotation>
                            <xsd:documentation>Specifies, in seconds, how long a locked account remains locked before it is automatically unlocked. See the USER_MODALS_INFO_3 structure returned by a call to NetUserModalsGet().</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="lpstelockout_duration" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="win-def:lockoutpolicy_state/win-def:lockout_duration">
                                        <sch:assert test="@datatype='int'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the lockout_duration entity of a lockoutpolicy_state should be 'int'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="lockout_observation_window" type="oval-def:EntityStateIntType" minOccurs="0">
                        <xsd:annotation>
                            <xsd:documentation>Specifies the maximum time, in seconds, that can elapse between any two failed logon attempts before lockout occurs. See the USER_MODALS_INFO_3 structure returned by a call to NetUserModalsGet().</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="lpstelockout_observation_window" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="win-def:lockoutpolicy_state/win-def:lockout_observation_window">
                                        <sch:assert test="@datatype='int'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the lockout_observation_window entity of a lockoutpolicy_state should be 'int'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                    <xsd:element name="lockout_threshold" type="oval-def:EntityStateIntType" minOccurs="0">
                        <xsd:annotation>
                            <xsd:documentation>Specifies the number of invalid password authentications that can occur before an account is marked "locked out." See the USER_MODALS_INFO_3 structure returned by a call to NetUserModalsGet().</xsd:documentation>
                            <xsd:appinfo>
                                <sch:pattern id="lpstelockout_threshold" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
                                    <sch:rule context="win-def:lockoutpolicy_state/win-def:lockout_threshold">
                                        <sch:assert test="@datatype='int'">
                                            <sch:value-of select="../@id" /> - datatype attribute for the lockout_threshold entity of a lockoutpolicy_state should be 'int'</sch:assert>
                                    </sch:rule>
                                </sch:pattern>
                            </xsd:appinfo>
                        </xsd:annotation>
                    </xsd:element>
                </xsd:sequence>
            </xsd:extension>
        </xsd:complexContent>
    </xsd:complexType>
</xsd:element>
Collapse Child Elements:
Name Type Min Occurs Max Occurs
Signature ds:Signature 0 1
notes oval-def:notes 0 1
force_logoff win-def:force_logoff 0 (1)
lockout_duration win-def:lockout_duration 0 (1)
lockout_observation_window win-def:lockout_observation_window 0 (1)
lockout_threshold win-def:lockout_threshold 0 (1)
Collapse Child Attributes:
Name Type Default Value Use
id oval-def:id Required
version oval-def:version Required
operator oval-def:operator AND Optional
comment oval-def:comment Optional
deprecated oval-def:deprecated false Optional
Collapse Derivation Tree:
Collapse References:
oval-def:state
Documentation for Open Vulnerability and Assessment Language (OVAL®)

Generated using Liquid Studio - Developer Bundle 21.0.0.0