cn=config
67
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide
.
Parameter
Description
Entry DN
cn=config
Valid Values
on | off
Default Value
off
Syntax
DirectoryString
Example
passwordMustChange: off
2.3.1.139. passwordResetDuration
This attribute sets the amount of time that must pass after login failures before the server resets the
password retry count to zero.
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide
.
Parameter
Description
Entry DN
cn=config
Valid Range
0 to the maximum 32 bit integer value
(2147483647) in seconds
Default Value
600
Syntax
Integer
Example
passwordResetDuration: 600
2.3.1.140. passwordResetFailureCount (Reset Password Failure Count
After)
Indicates the amount of time in seconds after which the password failure counter resets. Each time
an invalid password is sent from the user's account, the password failure counter is incremented. If
the
passwordLockout
attribute is set to
on
, users are locked out of the directory when the counter
reaches the number of failures specified by the
passwordMaxFailure
attribute (within
600
seconds
by default). After the amount of time specified by the
passwordLockoutDuration
attribute, the
failure counter is reset to zero (
0
).
This can be abbreviated to
pwdFailureCountInterval
.
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide
.
Parameter
Description
Entry DN
cn=config
Valid Range
1 to the maximum 32 bit integer value
(2147483647) in seconds
Default Value
600
Syntax
Integer
Example
passwordResetFailureCount: 600
Summary of Contents for 8.1
Page 8: ...viii ...
Page 14: ...xiv ...
Page 16: ...2 ...
Page 250: ...236 ...
Page 334: ...320 ...
Page 372: ...358 ...