Red Hat Directory Server 8.0 Configuration, Command, and File Reference
For more information on password policies, see the "Managing Users and Passwords" chapter
in the Directory Server Administrator's Guide.
3.1.124. passwordUnlock (Unlock Account)
Indicates whether users are locked out of the directory for a specified amount of time or until the
administrator resets the password after an account lockout. The account lockout feature
protects against hackers who try to break into the directory by repeatedly trying to guess a
user's password. If this passwordUnlock attribute is set to off and the operational attribute
accountUnlockTime has a value of 0, then the account is locked indefinitely.
For more information on password policies, see the "Managing Users and Passwords" chapter
in the Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=config
Valid Values on | off
Default Value on
Syntax DirectoryString
Example passwordUnlock: off
3.1.125. passwordWarning (Send Warning)
Indicates the number of seconds before a user's password is due to expire that the user
receives a password expiration warning control on their next LDAP operation. Depending on the
LDAP client, the user may also be prompted to change their password at the time the warning is
sent.
For more information on password policies, see the "Managing Users and Passwords" chapter
in the Directory Server Administrator's Guide.
Parameter Description
Entry DN cn=config
Valid Range 1 to the maximum 32 bit integer value
(2147483647) in seconds
Default Value 86400 (1 day)
Syntax Integer
Example passwordWarning: 86400
3.2. cn=changelog5
Multi-master replication changelog configuration entries are stored under the cn=changelog5
entry. The changelog behaves much like a database, and it has many of attributes also used by
Chapter 2. Core Server Configuration Reference
72