Red Hat 8.1 사용자 설명서
Chapter 2. Core Server Configuration Reference
62
the Directory Server does not store any old passwords, and so users can reuse passwords. Enable
password history using the passwordHistory attribute.
password history using the passwordHistory attribute.
To prevent users from rapidly cycling through the number of passwords that are tracked, use the
passwordMinAge
passwordMinAge
attribute.
This can be abbreviated to pwdInHistory.
For more information on password policies, see the "Managing Users and Passwords" chapter in the
Directory Server Administrator's Guide.
Parameter
Description
Entry DN
cn=config
Valid Range
2 to 24 passwords
Default Value
6
Syntax
Integer
Example
passwordInHistory: 7
2.3.1.121. passwordIsGlobalPolicy (Password Policy and Replication)
This attribute controls whether password policy attributes are replicated.
Parameter
Description
Entry DN
cn=config
Valid Values
on | off
Default Value
off
Syntax
DirectoryString
Example
passwordIsGlobalPolicy: off
2.3.1.122. passwordKeepHistory
This attribute sets whether a password history is maintained for users.
Parameter
Description
Entry DN
cn=config
Valid Values
0 (no history) or 1 (keep history)
Default Value
0
Syntax
DirectoryString
Example
passwordKeepHistory: 1
2.3.1.123. passwordLockout (Account Lockout)
Indicates whether users are locked out of the directory after a given number of failed bind attempts.
By default, users are not locked out of the directory after a series of failed bind attempts. If account
lockout is enabled, set the number of failed bind attempts after which the user is locked out using the
passwordMaxFailure
By default, users are not locked out of the directory after a series of failed bind attempts. If account
lockout is enabled, set the number of failed bind attempts after which the user is locked out using the
passwordMaxFailure
attribute.