Red Hat DIRECTORY SERVER 8.1 Command Reference Manual page 78

Chapter 2. Core Server Configuration Reference
Parameter
Valid Range
Default Value
Syntax
Example
2.3.1.129. passwordMinAge (Password Minimum Age)
Indicates the number of seconds that must pass before a user can change their password. Use this
attribute in conjunction with the passwordInHistory (number of passwords to remember) attribute
to prevent users from quickly cycling through passwords so that they can use their old password
again. A value of zero (0) means that the user can change the password immediately.
This can be abbreviated to pwdMaxFailure.
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide.
Parameter
Entry DN
Valid Range
Default Value
Syntax
Example
2.3.1.130. passwordMinAlphas (Password Syntax)
This attribute sets the minimum number of alphabetic characters password must contain.
Parameter
Entry DN
Valid Range
Default Value
Syntax
Example
2.3.1.131. passwordMinCategories (Password Syntax)
This sets the minimum number of character categories that are represented in the password. The
categories are lower, upper, digit, special, and 8-bit. For example, if the value of this attribute were
set to 2, and the user tried to change the password to aaaaa, the server would reject the password
because it contains only lower case characters, and therefore contains characters from only one
category. A password of aAaAaA would pass because it contains characters from two categories,
uppercase and lowercase. The default is 3, which means that if password syntax checking is enabled,
valid passwords have to have three categories of characters.
Parameter
Entry DN
64
Description
0 to 64
0
Integer
passwordMin8Bit: 0
Description
cn=config
0 to valid maximum integer
0
Integer
passwordMinAge: 150
Description
cn=config
0 to 64
0
Integer
passwordMinAlphas: 4
Description
cn=config