Superior class, Required attributes, Allowed attributes – Red Hat 8.1 User Manual
Page 97: Passwordpolicy (object class)
This object class is defined in Directory Server.
Superior Class
top
OID
2.16.840.1.113730.3.2.39
Required Attributes
Attribute
Definition
objectClass
Gives the object classes assigned to the entry.
Allowed Attributes
Attribute
Definition
cn
Gives the common name of the entry.
2.4 .12. passwordpolicy (Object Class)
Both local and global password policies take the passwordpolicy object class. This object class is
defined in Directory Server.
Superior Class
top
OID
2.16.840.1.113730.3.2.13
Required Attributes
Attribute
Definition
objectClass
Gives the object classes assigned to the entry.
Allowed Attributes
Attribute
Definition
Sets the number of seconds after which user
passwords expire.
Identifies whether the user's password expires
after an interval given by the passwordMaxAge
attribute.
Sets the minimum number of characters that must
be used in passwords.
Sets whether to keep a password history for a
user.
Sets the number of passwords the directory
stores in the history.
Identifies whether or not users is allowed to
change their own password.
Sets the number of seconds before a warning
message is sent to users whose password is
about to expire.
Identifies whether or not users are locked out of
the directory after a given number of failed bind
attempts.
Sets the number of failed bind attempts after
which a user will be locked out of the directory.
Sets the period of time before the server resets
the retry count to zero.
Sets whether a user is locked out until the
password is reset by an administrator or whether
the user can log in again after a given lockout
duration. The default is to allow a user to log back
Red Hat Directory Server 8.1 Configuration and Command Reference
97