For more information on password policies, see the "Managing Users and Passwords" chapter in the
Parameter | Description |
Entry DN | cn=config |
|
|
Valid Values | on or off |
|
|
Default Value | on |
|
|
Syntax | DirectoryString |
|
|
Example | passwordChange: on |
|
|
2.3.1.105 passwordCheckSyntax (Check password syntax)
This attribute sets whether the password syntax is checked before the password is saved. The password syntax checking mechanism checks that the password meets or exceeds the password minimum length requirement and that the string does not contain any trivial words, such as the user's name or user ID or any attribute value stored in the uid, cn, sn, givenName, ou, or mail attributes of the user's directory entry.
Password syntax includes several different categories for checking:
•Minimum number of digit characters
•Minimum number of ASCII alphabetic characters, both upper- and
•Minimum number of uppercase ASCII alphabetic characters
•Minimum number of lowercase ASCII alphabetic characters
•Minimum number of special ASCII characters, such as !@#$
•Minimum number of
•Maximum number of times that the same character can be immediately repeated, such as aaabbb
•Minimum number of character categories required per password; a category can be upper- or
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Parameter | Description |
Entry DN | cn=config |
|
|
Valid Values | on or off |
|
|
Default Value | off |
|
|
Syntax | DirectoryString |
|
|
Example | passwordCheckSyntax off |
|
|
2.3.1.106 passwordExp (Password expiration)
Indicates whether user passwords expire after a given number of seconds. By default, user passwords do not expire. After password expiration is enabled, set the number of seconds after which the password expires using the passwordMaxAge attribute.
2.3 Core server configuration attributes reference | 63 |