How Password Policy Works - Netscape DIRECTORY SERVER 7.0 - DEPLOYMENT Deployment Manual


Designing a Password Policy

How Password Policy Works

Directory Server supports fine-grained password policy, which enables you to
define password policies at the subtree and user level. This allows the flexibility
of defining a password policy for:

• The entire directory (similar to the previous releases of Directory Server).
  Such a policy is known as the global password policy. When configured and enabled,
  the policy will be applied to all users within the directory except for the Directory
  Manager entry and those user entries that have local password policies enabled.
  You can use this feature to define a common, single password policy for all directory
  users.

• A particular subtree of the directory.
  Such a policy is known as the subtree level or local password policy. When
  configured and enabled, the policy will be applied to all users under the specified
  subtree.
  You can use this feature in a hosting environment to support different password
  policies for each hosted company (rather than enforcing a single policy for all the
  hosted companies).

• A particular user of the directory.
  Such a policy is known as the user level or local password policy. When configured
  and enabled, the policy will be applied to the specified user only.
  You can use this feature to define different password policies for different directory
  users. For example, you can configure some users to change their passwords daily,
  some users to change it every month, and the rest of the users to change it every six
  months.
By default, Directory Server includes entries and attributes that are relevant to the
global password policy. To set up a password policy for a subtree or user, you will
need to add a few additional entries at the subtree or user level and enable the
nsslapd-pwpolicy-local attribute of the cn=config entry. This attribute acts as
a switch, giving you the flexibility to turn fine-grained password policy on and
off. For details about the attribute, check Netscape Directory Server Configuration,
Command, and File Reference.

Netscape Directory Server Deployment Guide • October 2004
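The scoping rules above can be checked with a small model when reviewing which policy governs an account. This is an added example, not code from the manual or from Directory Server. It assumes the default Directory Manager DN, that a user-level policy takes precedence over a subtree-level one, and that the deepest subtree wins if subtrees nest; the function names, policy names and sample DNs are constructed.

```python
# Added illustration of the scoping rules above; not Directory Server code.
DIRECTORY_MANAGER = "cn=Directory Manager"  # assumed default DN; always exempt

def rdns(dn):
    """Split a DN into normalized RDNs (simplified: no escaped commas)."""
    parts = []
    for rdn in dn.split(","):
        attr, _, value = rdn.partition("=")
        parts.append(f"{attr.strip().lower()}={value.strip().lower()}")
    return parts

def is_under(entry_dn, subtree_dn):
    """True if entry_dn is at or below subtree_dn, compared RDN by RDN."""
    entry, subtree = rdns(entry_dn), rdns(subtree_dn)
    return len(entry) >= len(subtree) and entry[len(entry) - len(subtree):] == subtree

def effective_policy(user_dn, local_enabled, subtree_policies, user_policies):
    """Return (scope, policy name) for user_dn.

    local_enabled: True when nsslapd-pwpolicy-local on cn=config is "on".
    """
    if rdns(user_dn) == rdns(DIRECTORY_MANAGER):
        return ("exempt", None)
    if local_enabled:
        for dn, name in user_policies.items():
            if rdns(dn) == rdns(user_dn):
                return ("user", name)  # assumption: user level beats subtree level
        # Assumption: if subtrees nest, the deepest matching one wins.
        matches = [(len(rdns(dn)), name) for dn, name in subtree_policies.items()
                   if is_under(user_dn, dn)]
        if matches:
            return ("subtree", max(matches)[1])
    # Switch off, or no local policy covers this entry: global policy applies.
    return ("global", "global")

# Constructed sample data: a hosting directory with two hosted companies.
SUBTREES = {"ou=CompanyA,dc=example,dc=com": "companyA-policy",
            "ou=CompanyB,dc=example,dc=com": "companyB-policy"}
USERS = {"uid=admin,ou=CompanyA,dc=example,dc=com": "daily-rotation"}

if __name__ == "__main__":
    for dn in ("cn=Directory Manager", "uid=admin,ou=CompanyA,dc=example,dc=com",
               "uid=alice, OU=CompanyA, DC=example, DC=com"):
        for switch in (True, False):
            print(dn, "| switch on:", switch, "->",
                  effective_policy(dn, switch, SUBTREES, USERS))
```

With the switch off, every account except Directory Manager falls back to the global policy, so stricter local policies defined for a hosted company stop being enforced.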
