PingDirectory

Viewing a specific password policy

About this task

To view a specific password policy:

Steps

  • Do one of the following:

    Choose from:

    • Use the Administrative Console.

    • Run the dsconfig tool.

    Example:

    This example uses dsconfig to view the default password policy that applies to all uses for which no specific policy is configured.

    $ bin/dsconfig get-password-policy-prop \
      --policy-name "Default Password Policy"

    Result:

    Property	                                 : Value(s)
    ------------------------------------------:--------------------------
    description                               : -
    password-attribute                        : userpassword
    default-password-storage-scheme           : Salted SHA-1
    deprecated-password-storage-scheme        : -
    password-validator                        : -
    account-status-notification-handler       : -
    allow-user-password-changes               : true
    password-change-requires-current-password : false
    force-change-on-add                       : false
    force-change-on-reset                     : false
    password-generator                        : Random Password Generator
    require-secure-authentication             : false
    require-secure-password-changes           : false
    min-password-age                          : 0s
    max-password-age                          : 0s
    max-password-reset-age                    : 0s
    password-expiration-warning-interval      : 5d
    expire-passwords-without-warning          : false
    allow-expired-password-changes            : false
    grace-login-count                         : 0s
    lockout-failure-count                     : 0s
    lockout-duration                          : 0s
    lockout-failure-expiration-interval       : 0s
    require-change-by-time                    : -
    last-login-time-attribute                 : ds-pwp-last-login-time
    last-login-time-format                    : -
    previous-last-login-time-format           : -
    idle-lockout-interval                     : 0s
    password-history-count                    : 0s
    password-history-duration                 : 0s