Setting the administration password and lockout policy

Edit online

You can issue the commands provided here to turn on the administration password policy.

About this task

Note: The administration password policy is set using the command line only. The Web administration tool does not support administration password policy.
idsldapmodify -D <adminDN> -w <adminPW> -p <port> -i <filename>
where <filename> contains: 
dn: cn=pwdPolicy Admin,cn=Configuration
changetype: modify
replace: ibm-slapdConfigPwdPolicyOn
ibm-slapdConfigPwdPolicyOn: true
To enable the administration password policy and modify the default settings, issue the following command: 
idsldapmodify -D <adminDN> -w <adminPW> -p <port> -i <filename>
where <filename> contains: 
dn: cn=pwdPolicy Admin,cn=Configuration
changetype: modify
replace: ibm-slapdConfigPwdPolicyOn
ibm-slapdConfigPwdPolicyOn: TRUE
-
replace: pwdlockout
pwdlockout: TRUE
#select TRUE to enable, FALSE to disable
-
replace:pwdmaxfailure
pwdmaxfailure: 10
-
replace:pwdlockoutduration
pwdlockoutduration: 300
# Value of pwdlockoutduration is in seconds.
-
replace:pwdfailurecountinterval
pwdfailurecountinterval: 0
-
replace:pwdminlength
pwdminlength: 8
-
replace:passwordminalphachars
passwordminalphachars: 2
-
replace:passwordminotherchars
passwordminotherchars: 2
-
replace:passwordmaxrepeatedchars
passwordmaxrepeatedchars: 2
-
replace:passwordmindiffchars
passwordmindiffchars: 2