Passwordlockoutduration (Lockout Duration); Passwordmaxage (Password Maximum Age); Passwordmaxfailure (Maximum Password Failures) - Red Hat DIRECTORY SERVER 7.1 Configuration

passwordLockoutDuration (Lockout Duration)

Indicates the amount of time in seconds during which users will be locked out of
the directory after an account lockout. The account lockout feature protects against
hackers who try to break into the directory by repeatedly trying to guess a user's
password. You enable and disable the account lockout feature using the
attribute.
passwordLockout
For more information on password policies, see chapter 7, "User Account
Management," in the Red Hat Directory Server Administrator's Guide.
Entry DN:
cn=config
Valid Range: 1 to the maximum 32 bit integer value (2147483647) in seconds
Default Value:
3600
Syntax: Integer
Example:
passwordLockoutDuration: 3600

passwordMaxAge (Password Maximum Age)

Indicates the number of seconds after which user passwords will expire. To use
this attribute, you must enable password expiration using the
attribute.
For more information on password policies, see chapter 7, "User Account
Management," in the Red Hat Directory Server Administrator's Guide.
Entry DN:
cn=config
Valid Range: 1 to the maximum 32 bit integer value (2147483647) in seconds
Default Value: 8640000 (100 days)
Syntax: Integer
Example:
passwordMaxAge: 100

passwordMaxFailure (Maximum Password Failures)

Indicates the number of failed bind attempts after which a user will be locked out
of the directory. By default, account lockout is disabled. You can enable account
lockout by modifying the attribute.
passwordLockout
Chapter 2
Core Server Configuration Attributes Reference
passwordExp
Core Server Configuration Reference 87