beautypg.com

Changes to the console, New password policy – Sun Microsystems 8190994 User Manual

Page 74

background image

Changes to the Console

The downloaded, Java Swing-based console has been replaced by Directory Service Control
Center (DSCC). DSCC is a graphical interface that enables you to manage an entire directory
service by using a web browser. The DSCC requires no migration. Migrated Directory Server
instances can be registered in the DSCC. For more information about the DSCC see Chapter 1,
“Directory Server Overview,” in Sun Java System Directory Server Enterprise Edition 6.0
Reference.

New Password Policy

Directory Server6.0 implements a new password policy that uses the standard object class and
attributes described in the

“Password Policy for LDAP Directories” Internet-Draft

.

The new password policy provides the following new features:

A grace login limit, specified by the pwdGraceAuthNLimit attribute. This attribute specifies
the number of times an expired password can be used to authenticate. If it is not present or if
it is set to 0, authentication will fail.

Safe password modification, specified by the pwdSafeModify attribute. This attribute
specifies whether the existing password must be sent when changing a password. If the
attribute is not present, the existing password does not need to be sent.

In addition, the new password policy provides the following new controls:

LDAP_CONTROL_PWP_[REQUEST|RESPONSE]

LDAP_CONTROL_ACCOUNT_USABLE_[REQUEST|RESPONSE]

These controls enable LDAP clients to obtain account status information.

The LDAP_CONTROL_PWP control provides account status information on LDAP bind, search,
modify, add, delete, modDN, and compare operations.

The following information is available, using the OID 1.3.6.1.4.1.42.2.27.8.5.1 in the
search:

Period of time before the password expires

Number of grace login attempts remaining

The password has expired

The account is locked

The password must be changed after being reset

Password modifications are allowed

The user must supply his/her old password

The password quality (syntax) is insufficient

The password is too short

Changes to the Console

Sun Java System Directory Server Enterprise Edition 6.0 Migration Guide • March 2007

74

Sun Confidential: Registered

See also other documents in the category Sun Microsystems Computers: