JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Directory Server Enterprise Edition Evaluation Guide 11 g Release 1 (
search filter icon
search icon

Document Information


1.  Overview of Directory Server Enterprise Edition

2.  Service Manageability

3.  High Data Availability and Integrity

4.  Tuned for Performance

5.  Enhanced Security

Connection-Based Access Control

Directory Server Enterprise Edition Password Policy

Managing the Password Policy Using the DSCC

Migrating to the New Password Policy

Forced Password Change After Reset

Global Account Lockout

Directory Manager Enhancements

Simplified Password Updates With LDAP Extended Operations

Tracking of Last Login Time

Enhanced Auditing for Updates Performed Using Proxy Authorization

Where to Go From Here

6.  Managed Scalability

7.  Virtual Directory

8.  Synchronizing Directory Server With Windows Users and Groups

A.  Standards and RFCs Supported by Directory Server Enterprise Edition

Global Account Lockout

When a user account is locked due to consecutive failures to bind, the user account is effectively locked across the entire collection of servers.

You can configure user account lockout using the DSCC as illustrated in the following figure.

image:Account lockout configuration in the New Password Policy wizard of the DSCC.

Directory Server now replicates account lockout data stored when a client application fails to authenticate to the server. When used together with the Directory Proxy Server capability to route binds appropriately, global account lockout can prevent a client application from gaining more than the number of tries you specify before being locked out across an entire directory service topology.

For more information, see Preventing Authentication by Using Global Account Lockout in Oracle Directory Server Enterprise Edition Deployment Planning Guide.