Red Hat DIRECTORY SERVER 7.1 - Passwordlockoutduration (Lockout Duration); Passwordmaxage (Password Maximum Age); Passwordmaxfailure (Maximum Password Failures)

To Next Page

To Previous Page

Core Server Configuration Attributes Reference

Chapter 2 Core Server Configuration Reference 87

passwordLockoutDuration (Lockout Duration)

Indicates the amount of time in seconds during which users will be locked out of

the directory after an account lockout. The account lockout feature protects against

hackers who try to break into the directory by repeatedly trying to guess a user’s

password. You enable and disable the account lockout feature using the

passwordLockout

attribute.

For more information on password policies, see chapter 7, “User Account

Management,” in the Red Hat Directory Server Administrator’s Guide.

passwordMaxAge (Password Maximum Age)

Indicates the number of seconds after which user passwords will expire. To use

this attribute, you must enable password expiration using the

passwordExp

attribute.

For more information on password policies, see chapter 7, “User Account

Management,” in the Red Hat Directory Server Administrator’s Guide.

passwordMaxFailure (Maximum Password Failures)

Indicates the number of failed bind attempts after which a user will be locked out

of the directory. By default, account lockout is disabled. You can enable account

lockout by modifying the

passwordLockout

attribute.

Entry DN: cn=config

Valid Range: 1 to the maximum 32 bit integer value (2147483647) in seconds

Default Value: 3600

Syntax: Integer

Example: passwordLockoutDuration: 3600

Entry DN: cn=config

Valid Range: 1 to the maximum 32 bit integer value (2147483647) in seconds

Default Value: 8640000 (100 days)

Syntax: Integer

Example: passwordMaxAge: 100

Other manuals for Red Hat DIRECTORY SERVER 7.1