Sun Java System Identity Synchronization for Windows 6.0 Installation and Configuration Guide

Using accountlockout

You can use the accountlockout subcommand to synchronize account lockout and unlockout between Active Directory and Directory Server.

To enable or disable the account lockout, type idsync accountlockout command.

For example:

idsync accountlockout -{e/d} -D <Directory Manager DN> -w <bind-password> 
-h <Configuration Directory-hostname> -p <Configuration Directory-port-no> 
-s <rootsuffix> [-Z] [-P <cert db path>] [-m <secmod db path>] 
-q <configuration password> -t <max lockout attempts>
Table A–10 accountlockout arguments




Select e for enabling , and d for disabling the account lockout synchronization. 


Specifies the maximum number of lockout attempts that Active Directory Connector performs.