PingDirectory

Viewing a specific password policy

About this task

To view a specific password policy:

Steps

  • Do one of the following:

    Choose from:

    • Run the dsconfig tool.

    • Use the Administrative Console.

      Example:

      This example uses dsconfig to view the default password policy that applies to all uses for which no specific policy is configured.

      $ bin/dsconfig get-password-policy-prop \
        --policy-name "Default Password Policy"

      Result:

      Property	                                 : Value(s)
      ------------------------------------------:--------------------------
      description                               : -
      password-attribute                        : userpassword
      default-password-storage-scheme           : Salted SHA-1
      deprecated-password-storage-scheme        : -
      password-validator                        : -
      account-status-notification-handler       : -
      allow-user-password-changes               : true
      password-change-requires-current-password : false
      force-change-on-add                       : false
      force-change-on-reset                     : false
      password-generator                        : Random Password Generator
      require-secure-authentication             : false
      require-secure-password-changes           : false
      min-password-age                          : 0s
      max-password-age                          : 0s
      max-password-reset-age                    : 0s
      password-expiration-warning-interval      : 5d
      expire-passwords-without-warning          : false
      allow-expired-password-changes            : false
      grace-login-count                         : 0s
      lockout-failure-count                     : 0s
      lockout-duration                          : 0s
      lockout-failure-expiration-interval       : 0s
      require-change-by-time                    : -
      last-login-time-attribute                 : ds-pwp-last-login-time
      last-login-time-format                    : -
      previous-last-login-time-format           : -
      idle-lockout-interval                     : 0s
      password-history-count                    : 0s
      password-history-duration                 : 0s