Is Account Locked Rule (Sun Identity Manager Service Provider 8.1 Deployment)

Sun Identity Manager Service Provider 8.1 Deployment

Previous: Account and Password Policies
Next: Lock Account Rule

Is Account Locked Rule

The rule selected as the “Is Account Locked Rule” determines if an account is locked. The full IDMXUser view is available to this rule. The rule takes the following arguments:

maxFailedPasswordLogins — An integer declaring the maximum number of failed password logins before an account is locked according to the Service Provider System Account Policy.
maxFailedQuestionLogins — An integer declaring the maximum number of failed question logins before an account is locked according to the Service Provider System Account Policy.

The rule should return true only if the account is locked.

The sample rule “Service Provider Example Is Account Locked Rule” operates on Sun Java System Directory Server 5.x. This rule expects that the accountUnlockTime and passwordRetryCount account attributes are defined in the LDAP resource schema map.

Previous: Account and Password Policies
Next: Lock Account Rule