For more information on password policies, see the "Managing Users and Passwords" chapter in the HP-UX Directory Server administrator guide.

Parameter

Description

Entry DN

cn=config

Valid Values

on or off

Default Value

off

Syntax

DirectoryString

Example

passwordExp: on

2.3.1.107 passwordGraceLimit (Password expiration)

This attribute is only applicable if password expiration is enabled. After the user's password has expired, the server allows the user to connect for the purpose of changing the password. This is called a grace login. The server allows only a certain number of attempts before completely locking out the user. This attribute is the number of grace logins allowed. A value of 0 means the server does not allow grace logins.

Parameter

Description

Entry DN

cn=config

Valid Values

0 (off) to any reasonable integer

Default Value

0

Syntax

Integer

Example

passwordGraceLimit: 3

2.3.1.108 passwordHistory (Password history)

Enables password history. Password history refers to whether users are allowed to reuse passwords. By default, password history is disabled, and users can reuse passwords. If this attribute is set to on, the directory stores a given number of old passwords and prevents users from reusing any of the stored passwords. Set the number of old passwords the Directory Server stores using the passwordInHistory attribute.

For more information on password policies, see the "Managing Users and Passwords" chapter in the HP-UX Directory Server administrator guide.

Parameter

Description

Entry DN

cn=config

Valid Values

on or off

Default Value

off

Syntax

DirectoryString

Example

passwordHistory: on

2.3.1.109 passwordInHistory (Number of passwords to remember)

Indicates the number of passwords the Directory Server stores in history. Passwords that are stored in history cannot be reused by users. By default, the password history feature is disabled, meaning that the Directory Server does not store any old passwords, and so users can reuse passwords. Enable password history using the passwordHistory attribute.

64 Core server configuration reference

Page 64
Image 64
HP UX Identity Security Software manual PasswordGraceLimit Password expiration, PasswordHistory Password history