Red Hat Directory Server 8.0 Configuration, Command, and File Reference
Parameter Description
Entry DN cn=config
Valid Values on | off
Default Value off
Syntax DirectoryString
Example passwordIsGlobalPolicy: off
3.1.106. passwordLockout (Account Lockout)
Indicates whether users are locked out of the directory after a given number of failed bind
attempts. By default, users are not locked out of the directory after a series of failed bind
attempts. If account lockout is enabled, set the number of failed bind attempts after which the
user is locked out using the passwordMaxFailure attribute.
For more information on password policies, see the "Managing Users and Passwords" chapter
in the Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=config
Valid Values on | off
Default Value on
Syntax DirectoryString
Example passwordLockout: off
3.1.107. passwordLockoutDuration (Lockout Duration)
Indicates the amount of time in seconds during which users are locked out of the directory after
an account lockout. The account lockout feature protects against hackers who try to break into
the directory by repeatedly trying to guess a user's password. Enable and disable the account
lockout feature using the passwordLockout attribute.
For more information on password policies, see the "Managing Users and Passwords" chapter
in the Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=config
Valid Range 1 to the maximum 32 bit integer value
(2147483647) in seconds
Default Value 3600
Syntax Integer
Example passwordLockoutDuration: 3600
cn=config
65