Setting the administration password and lockout policy
You can issue the commands provided here to turn on the administration password policy.
About this task
Note: The administration password policy is set using the
command line only. The Web administration tool does not support administration
password policy.
idsldapmodify -D <adminDN> -w <adminPW> -p <port> -i <filename>
where <filename>
contains: dn: cn=pwdPolicy Admin,cn=Configuration
changetype: modify
replace: ibm-slapdConfigPwdPolicyOn
ibm-slapdConfigPwdPolicyOn: true
To enable the
administration password policy and modify the default settings, issue
the following command:
idsldapmodify -D <adminDN> -w <adminPW> -p <port> -i <filename>
where <filename>
contains: dn: cn=pwdPolicy Admin,cn=Configuration
changetype: modify
replace: ibm-slapdConfigPwdPolicyOn
ibm-slapdConfigPwdPolicyOn: TRUE
-
replace: pwdlockout
pwdlockout: TRUE
#select TRUE to enable, FALSE to disable
-
replace:pwdmaxfailure
pwdmaxfailure: 10
-
replace:pwdlockoutduration
pwdlockoutduration: 300
# Value of pwdlockoutduration is in seconds.
-
replace:pwdfailurecountinterval
pwdfailurecountinterval: 0
-
replace:pwdminlength
pwdminlength: 8
-
replace:passwordminalphachars
passwordminalphachars: 2
-
replace:passwordminotherchars
passwordminotherchars: 2
-
replace:passwordmaxrepeatedchars
passwordmaxrepeatedchars: 2
-
replace:passwordmindiffchars
passwordmindiffchars: 2