beautypg.com

Passwordminuppers (password syntax), Passwordmustchange (password must change), Passwordresetduration – Red Hat 8.1 User Manual

Page 55: Passwordretrycount

background image

2.3.1.137. PasswordMinUppers (Password Syntax)

This sets the minimum number of uppercase letters password must contain.

Parameter

Description

Entry DN

cn=config

Valid Range

0 to 64

Default Value

0

Syntax

Integer

Example

passwordMinUppers: 2

2.3.1.138. passwordMustChange (Password Must Change)

Indicates whether users must change their passwords when they first bind to the Directory Server or
when the password has been reset by the Manager DN.

This can be abbreviated to pwdMustChange.

For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide.

Parameter

Description

Entry DN

cn=config

Valid Values

on | off

Default Value

off

Syntax

DirectoryString

Example

passwordMustChange: off

2.3.1.139. passwordResetDuration

This attribute sets the amount of time that must pass after login failures before the server resets the
password retry count to zero.

For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide.

Parameter

Description

Entry DN

cn=config

Valid Range

0 to the maximum 32 bit integer value
(2147483647) in seconds

Default Value

600

Syntax

Integer

Example

passwordResetDuration: 600

2.3.1.14 0. passwordResetFailureCount (Reset Password Failure Count After)

Indicates the amount of time in seconds after which the password failure counter resets. Each time an
invalid password is sent from the user's account, the password failure counter is incremented. If the
passwordLockout attribute is set to on, users are locked out of the directory when the counter reaches
the number of failures specified by the passwordMaxFailure attribute (within 600 seconds by default).
After the amount of time specified by the passwordLockoutDuration attribute, the failure counter is
reset to zero (0).

This can be abbreviated to pwdFailureCountInterval.

For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide.

Parameter

Description

Entry DN

cn=config

Valid Range

1 to the maximum 32 bit integer value
(2147483647) in seconds

Default Value

600

Syntax

Integer

Example

passwordResetFailureCount: 600

2.3.1.14 1. passwordRetryCount

This attribute counts the number of consecutive failed attempts at entering the correct password.

Red Hat Directory Server 8.1 Configuration and Command Reference

55