Updating password parameter
Configuring the account lockout policy is described in the following sections: This attribute indicates whether users are locked out of the directory after a given number of failed bind attempts.
Set the number of failed bind attempts after which the user will be locked out using the This attribute specifies the time, in seconds, after which the password failure counter will be reset.
Passwords can also be set and reset in the operation, there are some passwords that cannot be changed through regular LDAP operations.
These passwords may be stored outside the Directory Server, such as passwords stored in a SASL application. Directory Server supports the password change extended operation as defined in RFC 3062, so users can change their passwords, using a suitable client, in a standards-compliant way.
The password policy can be set so that a specific user is locked out of the directory after a given number of failed attempts to bind.This setting does not set any requirements for the letter case; requirements for the minimum number of lowercase and uppercase letters are set in the For information on creating and modifying directory entries, see Chapter 2, Creating Directory Entries.For information on inactivating user accounts, refer to Section 7.2, “Inactivating Users and Roles”. Attributes not mentioned in the command retain their previous settings.The first variant of this command listed in the synopsis changes certain per-user privileges and authentication settings. Only a database superuser can rename user accounts. (Connect as a different user if you need to do that.) Because password.