Oracle Fusion Middleware Administration Guide for Oracle Directory Server Enterprise Edition

ProcedureTo View Default Password Policy Settings

You can view default password policy settings with the dsconf command.

You can use DSCC to perform this task. For information, see Directory Service Control Center Interface and the DSCC online help.

  1. Read the default password policy configuration.


    $ dsconf get-server-prop -h host -p port -v -i \
    -w password-file | grep ^pwd-

    The password-file contains the password of directory manager.


    pwd-accept-hashed-pwd-enabled      :  N/A
    pwd-check-enabled                  :  off
    pwd-compat-mode                    :  DS5-compatible-mode
    pwd-expire-no-warning-enabled      :  on
    pwd-expire-warning-delay           :  1d
    pwd-failure-count-interval         :  10m
    pwd-grace-login-limit              :  disabled
    pwd-keep-last-auth-time-enabled    :  off
    pwd-lockout-duration               :  1h
    pwd-lockout-enabled                :  off
    pwd-lockout-repl-priority-enabled  :  on
    pwd-max-age                        :  disabled
    pwd-max-failure-count              :  3
    pwd-max-history-count              :  disabled
    pwd-min-age                        :  disabled
    pwd-min-length                     :  6
    pwd-mod-gen-length                 :  6
    pwd-must-change-enabled            :  off
    pwd-root-dn-bypass-enabled         :  off
    pwd-safe-modify-enabled            :  off
    pwd-storage-scheme                 :  SSHA
    pwd-strong-check-dictionary-path   :  instance-path/plugins/words-english-big.txt
    pwd-strong-check-enabled           :  off
    pwd-strong-check-require-charset   :  lower
    pwd-strong-check-require-charset   :  upper
    pwd-strong-check-require-charset   :  digit
    pwd-strong-check-require-charset   :  special
    pwd-supported-storage-scheme       :  CRYPT
    pwd-supported-storage-scheme       :  SHA
    pwd-supported-storage-scheme       :  SSHA
    pwd-supported-storage-scheme       :  NS-MTA-MD5
    pwd-supported-storage-scheme       :  CLEAR
    pwd-user-change-enabled            :  on