Chapter 7 User Account Management; Managing The Password Policy - Netscape DIRECTORY SERVER 6.01 - ADMINISTRATOR Administrator's Manual

When a user connects to your Netscape Directory Server (Directory Server), first
the user is authenticated. Then, the directory can grant access rights and resource
limits to the user depending upon the identity established during authentication.
This chapter describes tasks for user account management, including configuring
the password and account lockout policy for your directory, denying groups of
users access to the directory, and limiting system resources available to users
depending upon their bind DNs.
This chapter contains the following sections:
• Managing the Password Policy (page 257)
• Inactivating Users and Roles (page 266)
• Setting Resource Limits Based on the Bind DN (page 269)

Managing the Password Policy

A password policy minimizes the risks of using passwords by enforcing the
following:
• Users must change their passwords according to a schedule.
• Users must provide non-trivial passwords
Once you have established a password policy for your directory, you can protect
your user passwords from potential threads by configuring an account lockout
policy. Account lockout protects against hackers who try to break into the directory
by repeatedly guessing a user's password.
User Account Management
Chapter 7
257