Directory Services 7.4.2

Password Validator

This is an abstract object type that cannot be instantiated.

Password Validators are responsible for determining whether a proposed password is acceptable for use and could include checks like ensuring it meets minimum length requirements, that it has an appropriate range of characters, or that it is not in the history.

The password policy for a user specifies the set of password validators that should be used whenever that user provides a new password. In order to activate a password validator, the corresponding configuration entry must be enabled, and the DN of that entry should be included in the password-validator attribute of the password policy in which you want that validator active. All password validator configuration entries must contain the password-validator structural objectclass.

Dependencies

The following objects depend on Password Validators:

Password Validator properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties

enabled
java-class

Basic properties

Use the --advanced option to access advanced properties.

enabled

Synopsis

Indicates whether the password validator is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

java-class

Synopsis

Specifies the fully-qualified name of the Java class that provides the password validator implementation.

Default value

None

Allowed values

A Java class that extends or implements:

  • org.opends.server.api.PasswordValidator

Multi-valued

No

Required

Yes

Admin action required

The object must be disabled and re-enabled for changes to take effect.

Advanced

No

Read-only

No