Configuring A Global Password Policy Using The Console - Red Hat DIRECTORY SERVER 8.0 - ADMINISTRATION Administration Manual
Hide thumbs
Also See for DIRECTORY SERVER 8.0 - ADMINISTRATION:
- Installation manual (128 pages) ,
- Command reference manual (278 pages)
Table of Contents
Advertisement
Chapter 7. Managing User Accounts and Passwords
• Bind information. The bind information includes the number of grace logins permitted, password
aging attributes, and tracking bind failures.
The sections that follow describe the procedures for configuring the password policy:
Section 7.1.1.1, "Configuring a Global Password Policy Using the Console"
•
Section 7.1.1.2, "Configuring a Subtree/User Password Policy Using the Console"
•
Section 7.1.1.3, "Configuring a Global Password Policy Using the Command-Line"
•
Section 7.1.1.4, "Configuring Subtree/User Password Policy Using the Command-Line"
•
NOTE
After configuring the password policy, we recommend configuring an account lockout
policy. For details, see
7.1.1.1. Configuring a Global Password Policy Using the Console
To set up or modify the password policy for an entire directory, do the following:
1. In the Directory Server Console, select the Configuration tab and then the Data node.
2. In the right pane, select the Passwords tab.
This tab contains the password policy for the entire Directory Server.
3. Check the Enable fine-grained password policy checkbox. Enabling the password policy makes
the other sections on the screen active.
4. To require users to change their password the first time they log on, select the User must change
password after reset checkbox. If this checkbox is selected, only the Directory Manager is
authorized to reset the user's password. A regular administrative user cannot force the users to
update their password.
5. To allow users to change their own passwords, select the User may change password checkbox.
6. To prevent users from changing their password for a specific duration, enter the number of days in
the Allow changes in X day(s) text box.
7. For the server to maintain a history list of passwords used by each user, select the Keep
password history checkbox. Enter the number of passwords for the server to keep for each user
in the Remember X passwords text box.
8. If user passwords should not expire, select the Password never expires radio button.
9. To require users to change their passwords periodically, select the Password expires after X
days radio button, and then enter the number of days that a user password is valid.
The maximum value for the password age is derived by subtracting January 18, 2038, from
today's date. The entered value must not be set to the maximum value or too close to the
maximum value. Setting the value to the maximum value can cause the Directory Server to fail
to start because the number of seconds will go past the epoch date. In such an event, the error
208
Section 7.1.4, "Configuring the Account Lockout
Policy".
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Red Hat DIRECTORY SERVER 8.0 - ADMINISTRATION
Related Products for Red Hat DIRECTORY SERVER 8.0 - ADMINISTRATION
- Red Hat DIRECTORY SERVER 2.0 - GATEWAY
- Red Hat DIRECTORY SERVER 7.1 SP7 - S
- Red Hat DIRECTORY SERVER 8.1 - USING RED HAT CONSOLE 4-28-2008
- Red Hat DIRECTORY SERVER 8.1 - USING THE ADMIN SERVER
- Red Hat Linux Virtual Server
- Red Hat LINUX VIRTUAL SERVER - FOR ENTERPRISE LINUX 5.2 REV 05-2008
- Red Hat LINUX VIRTUAL SERVER 4.5 - ADMINISTRATION
- Red Hat LINUX VIRTUAL SERVER 4.6 - ADMINISTRATION
Need help?
Do you have a question about the DIRECTORY SERVER 8.0 - ADMINISTRATION and is the answer not in the manual?
Questions and answers