LDAPA supported attributes
The LDAPA module in authentication-only mode supports a limited number of AIX® password policy attributes. The rest of the AIX attributes are satisfied by the database module.
The authentication-only LDAPA module supports the following attributes:
- maxage
- minage
- minlen
- lastupdate
- flags
- maxrepeats
- minalpha
- mindiff
- minother
- pwdwarntime
- pwdchecks
- histsize
- histexpire
- time_last_login
- time_last_unsuccessful_login
- tty_last_login
- tty_last_unsuccessful_login
- host_last_login
- host_last_unsuccessful_login
- unsuccessful_login_count
- account_locked
- loginretries
- logintimes
Not all LDAP servers support these attributes. When an LDAP server does not support all the listed attributes, the supported attributes are only the attributes that are common in both this list and in the user-attribute mapping file. The mapping file is in the /etc/security/ldap directory.
For an RFC2307 compliant server without AIX schema support, the following AIX attributes are supported:
- maxage
- minage
- lastupdate
- pwdwarntime
- lastupdate