Sun Java System Directory Server Enterprise Edition 6.0 Administration Guide

Correlation Between Password Policy Attributes and dsconf Server Properties

The following table shows the password policy attributes and related dsconf server properties for each password policy area.

Policy Area 

Policy Attribute 

dsconf Server Property

Account Lockout 

pwdFailureCountInterval

pwd-failure-count-interval

pwdLockout

pwd-lockout-enabled

pwdLockoutDuration

pwd-lockout-duration

pwdMaxFailure

pwd-max-failure-count

Password Changes 

passwordRootdnMayBypassModsChecks

pwd-root-dn-bypass-enabled

pwdAllowUserChange

pwd-user-change-enabled

pwdInHistory

pwd-max-history-count

pwdMinAge

pwd-min-age

pwdMustChange

pwd-must-change-enabled

pwdSafeModify

pwd-safe-modify-enabled

Password Content 

pwdCheckQuality

pwd-check-enabled, pwd-accept-hashed-password-enabled, pwd-strong-check-dictionary-path, pwd-strong-check-enabled, pwd-strong-check-require-charset

pwdMinLength

pwd-min-length

passwordStorageScheme

pwd-storage-scheme

Password Expiration 

pwdExpireWarning

pwd-expire-warning-delay

pwdGraceAuthNLimit

pwd-grace-login-limit

pwdMaxAge

pwd-max-age

Tracking Last Authentication Time 

pwdKeepLastAuthTime

pwd-keep-last-auth-time-enabled


Note –

The properties that correlate to pwdCheckQuality configure the Password Check plug-in. Therefore, the five properties apply to the entire server instance. The five properties thus also apply to other password policies where pwdCheckQuality: 2.