access control instruction (ACI)
authentication password syntax
authorization identity control
Common Development and Distribution License
deprecated password storage scheme
Directory Services Markup Language
entry change notification control
extensible match search filter
greater than or equal to search filter
less than or equal to search filter
Lightweight Directory Access Protocol
notice of disconnection unsolicited notification
Password Modify extended operation
Simple Authentication and Security Layer
virtual attributes only control
A password validator is a component of the directory server password policy that is used to determine whether a proposed password is acceptable for use. The directory server provides an extensible API for developing custom password validators, but it does come with a number of different types of password validators, including:
A validator that can be used to reject a password if the value exists in any of the attributes contained in the user's entry.
A validator that can be used to reject a password if the value does not contain characters from an acceptable range of character sets.
A validator that can be used to reject a password if it is a word that can be found in a dictionary.
A validator that can be used to reject a password if it is too long or too short.
A validator that can be used to reject a password if it contains a string of too many repeated characters.
A validator that can be used to reject a password if it is too similar to the user's current password.
A validator that can be used to reject a password if it does not contain enough unique characters.