Server User Manual
Chapter 2. Core Server Configuration Reference
64
Parameter Description
Example passwordMaxAge: 100
2.3.1.126. passwordMaxFailure (Maximum Password Failures)
Indicates the number of failed bind attempts after which a user is locked out of the directory. By
default, account lockout is disabled. Enable account lockout by modifying the passwordLockout
attribute.
This can be abbreviated to pwdMaxFailure.
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=config
Valid Range 1 to maximum integer bind failures
Default Value 3
Syntax Integer
Example passwordMaxFailure: 3
2.3.1.127. passwordMaxRepeats (Password Syntax)
Maximum number of times the same character can appear sequentially in the password. Zero (0) is
off. Integer values reject any password which used a character more than that number of times; for
example, 1 rejects characters that are used more than once (aa) and 2 rejects characters used more
than twice (aaa).
Parameter Description
Entry DN cn=config
Valid Range 0 to 64
Default Value 0
Syntax Integer
Example passwordMaxRepeats: 1
2.3.1.128. passwordMin8Bit (Password Syntax)
This sets the minimum number of 8-bit characters the password must contain.
NOTE
The 7-bit checking for userPassword must be disabled to use this.
Parameter Description
Entry DN cn=config
Valid Range 0 to 64