Migrating Sun Java Directory Server to HP-UX Directory Server White Paper
24
SJDS setting HPDS setting Conversion
if the pwdReset value was true; otherwise, it is
skipped.
pwdHistory
(multi-value)
passwordHistory
(multi-value)
The script renames the setting name to its new
HPDS name.
pwdFailureTime
(multi-value)
passwordRetryCount
SJDS maintains a list of timestamps of failed
authentication attempts. HPDS uses a single
counter. The script renames the setting name to
its new HPDS name, and sets the value to the
number of failed authentication timestamps
found.
pwdFailureTime
(multi-value)
retryCountResetTime
SJDS maintains a list of timestamps of failed
authentication attempts, where failed
authentication timestamps are cleared after a
configured reset interval. HPDS uses a single
timestamp to indicate when the count of failed
authentication attempts is cleared. The script
renames the setting name to its new HPDS
name, and sets the value to the result of adding
the configured failed authentication reset interval
value to the most recent of the failed
authentication timestamps.
pwdAccountLockedTime accountUnlockTime
SJDS maintains a timestamp indicating the time
the account was locked. HPDS uses a
timestamp to indicate when an account will be
unlocked. Furthermore, both SJDS and HPDS
use a special value that indicates that the
account is locked without a scheduled unlock
time and both require an administrator to
manually unlock the account.
The script renames the setting name to its new
HPDS name and converts the value. If the SJDS
value was set to 000001010000Z, then it is
replaced with 19700101000000Z to indicate a
permanent lockout. If the value was any other
timestamp, then the new value is set to the result
of adding the configured lockout duration
password policy setting to the account lock
timestamp.
pwdChangedTime passwordAllowChangeTime
SJDS maintains a timestamp indicating the time
the password was last changed, and enforces
minimum password age by comparing the
timestamp with the configured minimum age
setting. HPDS uses a timestamp that indicates
the time after which the password may be
changed.
The script renames and sets the value to the
result of adding the configured minimum age to
the password change timestamp. If the
timestamp in the SJDS pwdChangedTime
cannot be parsed, the starting time of the
migration is used instead.
pwdChangedTime passwordExpirationTime
SJDS maintains a timestamp indicating the time
the password was last changed, and enforces
password expiration by comparing the
timestamp with the configured maximum age
setting. HPDS uses a timestamp that indicates
expiration time of the password.