Enabling password policy for platform users
If you are running IAS version 1.0.11.1 or later, you can enable password policy for platform users from internal LDAP server.
About this task
Note: When password policy is enabled on the system, any existing users are affected by it. Any user
whose password exceeded the maximum number of days defined in the password policy, on their next
login, is prompted to change their password.
Procedure
Results
ap_ldap_ppolicy.p listpolicy
+----------------------------------------------------------------+
| Internal LDAP Password Policy |
+----------------------------------------+-------------+---------+
| Password Policy Attribute | Value | Unit |
+----------------------------------------+-------------+---------+
| pwdMaxAge | 90 | Days |
| pwdExpireWarning | 10 | Days |
| pwdInHistory | 5 | |
| pwdMaxFailure | 5 | |
| pwdLockout | TRUE | |
| pwdLockoutDuration | 1800 | Seconds |
| pwdFailureCountInterval | 900 | Seconds |
| pwdMustChange | TRUE | |
| pwdAllowUserChange | TRUE | |
| pwdSafeModify | FALSE | |
+----------------------------------------+-------------+---------+
| Password Complexity Attribute | Value | Unit |
+----------------------------------------+-------------+---------+
| pwdMinLength | 15 | Chars |
| pwdMinUppercase | 1 | Chars |
| pwdMinLowercase | 1 | Chars |
| pwdMinDigits | 1 | Chars |
| pwdMinSpecialchars | 1 | Chars |
| pwdMinDiffCharsfromOld | 8 | Chars |
| pwdMaxRepeatChar | 3 | Chars |
| pwdMaxclassChars | 4 | Chars |
| pwdMinclasses | 4 | Chars |
+----------------------------------------+-------------+---------+