The SAP ASE high-availability functionality synchronizes these password policy options between primary and secondary servers:
disallow simple passwords
min digits in password
min alpha in password
min special char in password
min upper char in password
min lower char in password
systemwide password expiration
password exp warn interval
minimum password length
maximum failed login
expire login
keypair regeneration period
keypair error retry wait
keypair error retry count
The SAP ASE server uses a “password policy” quorum attribute to check the inconsistency of any of those values on both the primary and secondary servers, except keypair regeneration period, keypair error retry wait, and keypair error retry count. A high-availability advisory check succeeds when all those value are the same on both servers, and fail when the values differ. For example:
sp_companion "MONEY1", do_advisory, 'all' go
Attribute Name Attrib Type Local Value Remote Value Advisory -------------- ----------- ----------- ----------- ------ expire login password po 1 0 2 maximum failed password po 3 5 2 min alpha in pa assword po 10 12 2
A value of 2 set in the advisory column of the output indicates that the user cannot proceed with the cluster operation unless the values on both the companions match.
The output of sp_companion do_advisory also indicates the inconsistency in any of the particular password policy checks on both servers.