Skip Navigation Links | |
Exit Print View | |
Oracle Fusion Middleware Administration Guide for Oracle Unified Directory 11g Release 1 (11.1.1) |
1. Starting and Stopping the Server
2. Configuring the Server Instance
3. Configuring the Proxy Components
4. Configuring Security Between Clients and Servers
5. Configuring Security Between the Proxy and the Data Source
6. Managing Oracle Unified Directory With Oracle Directory Services Manager
10. Managing Users and Groups With dsconfig
11. Managing Password Policies
To View the Properties of the Default Password Policy
Configuring Password Policies by Using the Command Line
To Create a New Password Policy
To Create a First Login Password Policy
To Assign a Password Policy to an Individual Account
To Prevent Password Policy Modifications
To Assign a Password Policy to a Group of Users
Configuring Password Policies by Using Oracle Directory Services Manager
List the Configured Password Policy Subentries
Create a Password Policy Subentry
Create a Password Policy Subentry Based on an Existing Password Policy Subentry
Delete a Password Policy Subentry
Display the Configured Password Policies
Create a Password Policy Based on an Existing Password Policy
Display the Supported Password Validators
Enable or Disable a Password Validator
Display the Supported Password Storage Schemes
Enable or Disable a Password Storage Scheme
All password policies reside in the directory server configuration (under cn=config). Configuration information is not replicated and is specific to each directory server instance. If you modify the default password policy, you must make the same changes on each directory server instance in a replicated topology. Similarly, specialized password policies are not replicated to other directory servers.
Additional considerations for using password policies in replicated environments include the following:
The directory server replicates all password information (current password, password history, password expiration) that is stored in the user entry.
If a user changes his password, the new password might take a while to be updated on all replicas.
A user might receive multiple password expiration warnings, one from each replicated server.