Sun Java System Directory Server Enterprise Edition 6.1 Installation Guide

Using the Account Lockout Feature

Enable Account Lockout Synchronization between Directory Server and Active Directory.

Use these settings to enable and disable the account
lockout synchronization.

To enable Account lockout synchronization, you need to map attributes pwdaccountlockedtime (Directory Server) and lockoutTime (AD). pwdaccountlockedtime can be selected in the console after loading the schema with passwordObject object class.

Select the attributes that you want to synchronize and
click Save
Note –

You can enable or disable the account lockout synchronization using command line tool idsync accountlockout. For more information, see Appendix A, Using the Identity Synchronization for Windows Command Line Utilities.